4

CVE-2014-3276

EPSS 0.59%
Veröffentlicht 26.05.2014 00:25:31
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle psirt@cisco.com
CVE-Watchlists
Login
Unerledigt
Login

Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier does not properly handle deadlock conditions during reception of crafted RADIUS accounting packets from multiple NAS devices, which allows remote authenticated users to cause a denial of service (RADIUS outage) by sourcing these packets from two origins, aka Bug ID CSCuo56780.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Identity Services Engine Software Version <= 1.2

Cisco ≫ Identity Services Engine Software Version1.0

Cisco ≫ Identity Services Engine Software Version1.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.59%	0.68

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4	8	2.9	AV:N/AC:L/Au:S/C:N/I:N/A:P

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3276

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=34329

Vendor Advisory

http://www.securitytracker.com/id/1030274

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2014-3276

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-3276

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-3276

EUVD