VAR-201410-0991
Vulnerability from variot - Updated: 2025-04-13 23:41Cisco IOS 15.4(3)S0b on ASR901 devices makes incorrect decisions to use the CPU for IPv4 packet processing, which allows remote attackers to cause a denial of service (BGP neighbor flapping) by sending many crafted IPv4 packets, aka Bug ID CSCuo29736. The Cisco ASR 901 Series Routers are router devices issued by Cisco. A denial of service vulnerability exists in the Cisco ASR 901 Series Routers that could allow an attacker to reload an affected device and deny service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuo29736
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201410-0991",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "15.4\\(3\\)s0b"
},
{
"model": "asr901",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "asr 901 router",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "15.4(3)s0b"
},
{
"model": "asr series routers",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "901"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07536"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005113"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1349"
},
{
"db": "NVD",
"id": "CVE-2014-3293"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:cisco:asr901",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:ios",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005113"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "70744"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1349"
}
],
"trust": 0.9
},
"cve": "CVE-2014-3293",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-3293",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-07536",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-71233",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-3293",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-3293",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2014-07536",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201410-1349",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-71233",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07536"
},
{
"db": "VULHUB",
"id": "VHN-71233"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005113"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1349"
},
{
"db": "NVD",
"id": "CVE-2014-3293"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOS 15.4(3)S0b on ASR901 devices makes incorrect decisions to use the CPU for IPv4 packet processing, which allows remote attackers to cause a denial of service (BGP neighbor flapping) by sending many crafted IPv4 packets, aka Bug ID CSCuo29736. The Cisco ASR 901 Series Routers are router devices issued by Cisco. A denial of service vulnerability exists in the Cisco ASR 901 Series Routers that could allow an attacker to reload an affected device and deny service to legitimate users. \nThis issue is being tracked by Cisco Bug ID CSCuo29736",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3293"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005113"
},
{
"db": "CNVD",
"id": "CNVD-2014-07536"
},
{
"db": "BID",
"id": "70744"
},
{
"db": "VULHUB",
"id": "VHN-71233"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-3293",
"trust": 3.4
},
{
"db": "BID",
"id": "70744",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1031122",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61830",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005113",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1349",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-07536",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-71233",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07536"
},
{
"db": "VULHUB",
"id": "VHN-71233"
},
{
"db": "BID",
"id": "70744"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005113"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1349"
},
{
"db": "NVD",
"id": "CVE-2014-3293"
}
]
},
"id": "VAR-201410-0991",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07536"
},
{
"db": "VULHUB",
"id": "VHN-71233"
}
],
"trust": 1.1269730199999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07536"
}
]
},
"last_update_date": "2025-04-13T23:41:27.494000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Cisco ASR901 Crafted IPv4 Packet Denial of Service Vulnerability",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3293"
},
{
"title": "36195",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36195"
},
{
"title": "Patch for Cisco ASR 901 Series Routers Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/51386"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07536"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005113"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71233"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005113"
},
{
"db": "NVD",
"id": "CVE-2014-3293"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-3293"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/70744"
},
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=36195"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031122"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61830"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97769"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3293"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3293"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/70744/info"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07536"
},
{
"db": "VULHUB",
"id": "VHN-71233"
},
{
"db": "BID",
"id": "70744"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005113"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1349"
},
{
"db": "NVD",
"id": "CVE-2014-3293"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-07536"
},
{
"db": "VULHUB",
"id": "VHN-71233"
},
{
"db": "BID",
"id": "70744"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005113"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1349"
},
{
"db": "NVD",
"id": "CVE-2014-3293"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-07536"
},
{
"date": "2014-10-28T00:00:00",
"db": "VULHUB",
"id": "VHN-71233"
},
{
"date": "2014-10-27T00:00:00",
"db": "BID",
"id": "70744"
},
{
"date": "2014-10-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005113"
},
{
"date": "2014-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201410-1349"
},
{
"date": "2014-10-28T19:55:02.653000",
"db": "NVD",
"id": "CVE-2014-3293"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-07536"
},
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-71233"
},
{
"date": "2014-10-27T00:00:00",
"db": "BID",
"id": "70744"
},
{
"date": "2014-10-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005113"
},
{
"date": "2014-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201410-1349"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-3293"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201410-1349"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ASR901 Runs on device Cisco IOS Denial of service in Japan (DoS) Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005113"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201410-1349"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…