VAR-200407-0043
Vulnerability from variot - Updated: 2025-04-03 22:24IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet. A vulnerability in a Cisco VPN module can allow a remote attacker to cause a denial-of-service to the device in which the module is installed. Cisco IOS has been reported prone to a remote denial of service vulnerability. When one of the aforementioned appliances processes a malformed IKE packet, IOS will crash and reload. It is reported that Cisco IOS devices with Crypto support will process IKE messages by default. Cisco IOS is a very widely deployed network operating system. Many Cisco devices run IOS
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200407-0043",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.2sxa"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.2\\(14\\)za"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.2\\(17a\\)sxa"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.2sy"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.2za"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.2\\(14\\)za2"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.2sxb"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.2\\(14\\)sy"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "ios 12.2za",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sxb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sxa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sxa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 za2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 za",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sxb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sxa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 za8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sy03",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#904310"
},
{
"db": "BID",
"id": "10083"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000114"
},
{
"db": "CNNVD",
"id": "CNNVD-200407-073"
},
{
"db": "NVD",
"id": "CVE-2004-0710"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:ios",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000114"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Security bulletin",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200407-073"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0710",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2004-0710",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-9140",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-0710",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#904310",
"trust": 0.8,
"value": "8.10"
},
{
"author": "NVD",
"id": "CVE-2004-0710",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200407-073",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-9140",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#904310"
},
{
"db": "VULHUB",
"id": "VHN-9140"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000114"
},
{
"db": "CNNVD",
"id": "CNNVD-200407-073"
},
{
"db": "NVD",
"id": "CVE-2004-0710"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet. A vulnerability in a Cisco VPN module can allow a remote attacker to cause a denial-of-service to the device in which the module is installed. Cisco IOS has been reported prone to a remote denial of service vulnerability. \nWhen one of the aforementioned appliances processes a malformed IKE packet, IOS will crash and reload. It is reported that Cisco IOS devices with Crypto support will process IKE messages by default. Cisco IOS is a very widely deployed network operating system. Many Cisco devices run IOS",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0710"
},
{
"db": "CERT/CC",
"id": "VU#904310"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000114"
},
{
"db": "BID",
"id": "10083"
},
{
"db": "VULHUB",
"id": "VHN-9140"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#904310",
"trust": 3.3
},
{
"db": "NVD",
"id": "CVE-2004-0710",
"trust": 2.8
},
{
"db": "BID",
"id": "10083",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000114",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200407-073",
"trust": 0.7
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:5696",
"trust": 0.6
},
{
"db": "XF",
"id": "15797",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20040408 CISCO IPSEC VPN SERVICES MODULE MALFORMED IKE PACKET VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-9140",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#904310"
},
{
"db": "VULHUB",
"id": "VHN-9140"
},
{
"db": "BID",
"id": "10083"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000114"
},
{
"db": "CNNVD",
"id": "CNNVD-200407-073"
},
{
"db": "NVD",
"id": "CVE-2004-0710"
}
]
},
"id": "VAR-200407-0043",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9140"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:24:07.761000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20040408-vpnsm",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040408-vpnsm.shtml"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000114"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0710"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/10083"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/904310"
},
{
"trust": 2.0,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040408-vpnsm.shtml"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5696"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15797"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0710"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0710"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/15797"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5696"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#904310"
},
{
"db": "VULHUB",
"id": "VHN-9140"
},
{
"db": "BID",
"id": "10083"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000114"
},
{
"db": "CNNVD",
"id": "CNNVD-200407-073"
},
{
"db": "NVD",
"id": "CVE-2004-0710"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#904310"
},
{
"db": "VULHUB",
"id": "VHN-9140"
},
{
"db": "BID",
"id": "10083"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000114"
},
{
"db": "CNNVD",
"id": "CNNVD-200407-073"
},
{
"db": "NVD",
"id": "CVE-2004-0710"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-06-09T00:00:00",
"db": "CERT/CC",
"id": "VU#904310"
},
{
"date": "2004-07-27T00:00:00",
"db": "VULHUB",
"id": "VHN-9140"
},
{
"date": "2004-04-08T00:00:00",
"db": "BID",
"id": "10083"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000114"
},
{
"date": "2004-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200407-073"
},
{
"date": "2004-07-27T04:00:00",
"db": "NVD",
"id": "CVE-2004-0710"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-06-15T00:00:00",
"db": "CERT/CC",
"id": "VU#904310"
},
{
"date": "2017-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9140"
},
{
"date": "2009-07-12T04:06:00",
"db": "BID",
"id": "10083"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000114"
},
{
"date": "2009-03-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200407-073"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-0710"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200407-073"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IPsec VPNSM vulnerable to DoS via malformed IKE packet",
"sources": [
{
"db": "CERT/CC",
"id": "VU#904310"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200407-073"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…