VAR-201408-0155
Vulnerability from variot - Updated: 2025-04-13 23:25The Session Manager component in Packet Data Network Gateway (aka PGW) in Cisco ASR 5000 Series Software 11.0, 12.0, 12.1, 12.2, 14.0, 15.0, 16.x through 16.1.2, and 17.0 allows remote attackers to cause a denial of service (process crash) via a crafted TCP packet, aka Bug ID CSCuo21914. The Cisco ASR 5000 Series is a carrier-grade platform for deploying high-demand 3G networks and migrating to Long Term Evolution (LTE). Cisco ASR 5000 Series Software is prone to a denial-of-service vulnerability. This issue is being tracked by Cisco Bug ID CSCuo21914. Packet Data Network Gateway (aka PGW) is one of the packet data gateways
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201408-0155",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "asr 5000 series software",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "asr 5000 series software",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "12.0"
},
{
"model": "asr 5000 series software",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "asr 5000 series software",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "asr 5000 series software",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "14.0"
},
{
"model": "asr 5000 series software",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "15.0"
},
{
"model": "asr 5000 series software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "17.0.0"
},
{
"model": "asr 5000 series software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "16.1.0"
},
{
"model": "asr 5000 series software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "16.1.2"
},
{
"model": "asr 5000 series software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "16.1.1"
},
{
"model": "asr 5000 series software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "16.1.2 for up to 16.x"
},
{
"model": "asr 5000 series software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "17.0"
},
{
"model": "asr series",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5000"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05130"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003875"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-318"
},
{
"db": "NVD",
"id": "CVE-2014-3331"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:asr_5000_series_software",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003875"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "69281"
}
],
"trust": 0.3
},
"cve": "CVE-2014-3331",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2014-3331",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-05130",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-71271",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-3331",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-3331",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2014-05130",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201408-318",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-71271",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05130"
},
{
"db": "VULHUB",
"id": "VHN-71271"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003875"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-318"
},
{
"db": "NVD",
"id": "CVE-2014-3331"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Session Manager component in Packet Data Network Gateway (aka PGW) in Cisco ASR 5000 Series Software 11.0, 12.0, 12.1, 12.2, 14.0, 15.0, 16.x through 16.1.2, and 17.0 allows remote attackers to cause a denial of service (process crash) via a crafted TCP packet, aka Bug ID CSCuo21914. The Cisco ASR 5000 Series is a carrier-grade platform for deploying high-demand 3G networks and migrating to Long Term Evolution (LTE). Cisco ASR 5000 Series Software is prone to a denial-of-service vulnerability. \nThis issue is being tracked by Cisco Bug ID CSCuo21914. Packet Data Network Gateway (aka PGW) is one of the packet data gateways",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3331"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003875"
},
{
"db": "CNVD",
"id": "CNVD-2014-05130"
},
{
"db": "BID",
"id": "69281"
},
{
"db": "VULHUB",
"id": "VHN-71271"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-3331",
"trust": 3.4
},
{
"db": "BID",
"id": "69281",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "60706",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030747",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003875",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201408-318",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-05130",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-71271",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05130"
},
{
"db": "VULHUB",
"id": "VHN-71271"
},
{
"db": "BID",
"id": "69281"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003875"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-318"
},
{
"db": "NVD",
"id": "CVE-2014-3331"
}
]
},
"id": "VAR-201408-0155",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05130"
},
{
"db": "VULHUB",
"id": "VHN-71271"
}
],
"trust": 1.1269730199999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05130"
}
]
},
"last_update_date": "2025-04-13T23:25:23.186000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Cisco Packet Data Network Gateway Denial of Service Vulnerability",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3331"
},
{
"title": "35346",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=35346"
},
{
"title": "Patch for Cisco ASR 5000 Series Software Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/49139"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05130"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003875"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71271"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003875"
},
{
"db": "NVD",
"id": "CVE-2014-3331"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/69281"
},
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-3331"
},
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=35346"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030747"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60706"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95357"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3331"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3331"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05130"
},
{
"db": "VULHUB",
"id": "VHN-71271"
},
{
"db": "BID",
"id": "69281"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003875"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-318"
},
{
"db": "NVD",
"id": "CVE-2014-3331"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-05130"
},
{
"db": "VULHUB",
"id": "VHN-71271"
},
{
"db": "BID",
"id": "69281"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003875"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-318"
},
{
"db": "NVD",
"id": "CVE-2014-3331"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-08-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-05130"
},
{
"date": "2014-08-20T00:00:00",
"db": "VULHUB",
"id": "VHN-71271"
},
{
"date": "2014-08-19T00:00:00",
"db": "BID",
"id": "69281"
},
{
"date": "2014-08-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003875"
},
{
"date": "2014-08-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-318"
},
{
"date": "2014-08-20T11:17:14.250000",
"db": "NVD",
"id": "CVE-2014-3331"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-08-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-05130"
},
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-71271"
},
{
"date": "2014-08-21T00:12:00",
"db": "BID",
"id": "69281"
},
{
"date": "2014-08-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003875"
},
{
"date": "2014-08-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-318"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-3331"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201408-318"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco ASR 5000 Series of software Packet Data Network Gateway of Service disruption in the Session Manager component (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003875"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201408-318"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…