CVE-2014-7997
Severity CVSS v4.0:
Pending analysis
Type:
CWE-399
Resource Management Errors
Publication date:
15/11/2014
Last modified:
12/04/2025
Description
The DHCP implementation in Cisco IOS on Aironet access points does not properly handle error conditions with short leases and unsuccessful lease-renewal attempts, which allows remote attackers to cause a denial of service (device restart) by triggering a transition into a recovery state that was intended to involve a network-interface restart but actually involves a full device restart, aka Bug ID CSCtn16281.
Impact
Base Score 2.0
6.10
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:cisco:ios:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_1040:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_1140:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_1260:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_3500:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_3600:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_3600e:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_3600i:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_3600p:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_600_office_extend:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_ap1100:*:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_ap1130ag:*:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_ap1131:*:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_ap1200:*:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_ap1230ag:*:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-7997
- http://www.securitytracker.com/id/1031218
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98691
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-7997
- http://www.securitytracker.com/id/1031218
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98691