CVE-2014-3361
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
25/09/2014
Last modified:
12/04/2025
Description
The ALG module in Cisco IOS 15.0 through 15.4 does not properly implement SIP over NAT, which allows remote attackers to cause a denial of service (device reload) via multipart SDP IPv4 traffic, aka Bug ID CSCun54071.
Impact
Base Score 2.0
7.10
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:cisco:ios:15.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:15.2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:15.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:15.4:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-nat
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-nat/cvrf/cisco-sa-20140924-nat_cvrf.xml
- http://www.securityfocus.com/bid/70129
- http://www.securitytracker.com/id/1030896
- https://exchange.xforce.ibmcloud.com/vulnerabilities/96181
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-nat
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-nat/cvrf/cisco-sa-20140924-nat_cvrf.xml
- http://www.securityfocus.com/bid/70129
- http://www.securitytracker.com/id/1030896
- https://exchange.xforce.ibmcloud.com/vulnerabilities/96181