CVE-2014-3360

Severity Score

7.8

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Cisco IOS 12.4 and 15.0 through 15.4 and IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allow remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCul46586.

Cisco IOS 12.4 y 15.0 hasta 15.4 y IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, y 3.7.xS anterior a 3.7.6S; 3.8.xS, 3.9.xS, y 3.10.xS anterior a 3.10.1S; y 3.11.xS anterior a 3.12S permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de un mensaje SIP manipulado, también conocido como Bug ID CSCul46586.

*Credits: N/A

CVSS Scores

NISTv2 7.8

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2014-05-07 CVE Reserved
2014-09-25 CVE Published
2023-03-07 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CAPEC

References (5)

URL	Tag	Source
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-sip/cvrf/cisco-sa-20140924-sip_cvrf.xml	X_refsource_confirm
http://www.securityfocus.com/bid/70141	Vdb Entry
http://www.securitytracker.com/id/1030897	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/96174	Vdb Entry

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-sip	2017-08-29

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				15.1 Search vendor "Cisco" for product "Ios" and version "15.1"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				15.2 Search vendor "Cisco" for product "Ios" and version "15.2"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				15.3 Search vendor "Cisco" for product "Ios" and version "15.3"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				15.4 Search vendor "Cisco" for product "Ios" and version "15.4"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.1.0s Search vendor "Cisco" for product "Ios Xe" and version "3.1.0s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.1.1s Search vendor "Cisco" for product "Ios Xe" and version "3.1.1s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.1.2s Search vendor "Cisco" for product "Ios Xe" and version "3.1.2s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.1.3s Search vendor "Cisco" for product "Ios Xe" and version "3.1.3s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.1.4s Search vendor "Cisco" for product "Ios Xe" and version "3.1.4s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.2.0s Search vendor "Cisco" for product "Ios Xe" and version "3.2.0s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.2.1s Search vendor "Cisco" for product "Ios Xe" and version "3.2.1s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.2.2s Search vendor "Cisco" for product "Ios Xe" and version "3.2.2s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.3.0s Search vendor "Cisco" for product "Ios Xe" and version "3.3.0s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.3.1s Search vendor "Cisco" for product "Ios Xe" and version "3.3.1s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.3.2s Search vendor "Cisco" for product "Ios Xe" and version "3.3.2s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.3.3s Search vendor "Cisco" for product "Ios Xe" and version "3.3.3s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.4.0s Search vendor "Cisco" for product "Ios Xe" and version "3.4.0s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.4.1s Search vendor "Cisco" for product "Ios Xe" and version "3.4.1s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.4.2s Search vendor "Cisco" for product "Ios Xe" and version "3.4.2s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.4.3s Search vendor "Cisco" for product "Ios Xe" and version "3.4.3s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.4.4s Search vendor "Cisco" for product "Ios Xe" and version "3.4.4s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.4.5s Search vendor "Cisco" for product "Ios Xe" and version "3.4.5s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.5.0s Search vendor "Cisco" for product "Ios Xe" and version "3.5.0s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.5.1s Search vendor "Cisco" for product "Ios Xe" and version "3.5.1s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.5.2s Search vendor "Cisco" for product "Ios Xe" and version "3.5.2s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.6s\(.0\) Search vendor "Cisco" for product "Ios Xe" and version "3.6s\(.0\)"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.6s\(.1\) Search vendor "Cisco" for product "Ios Xe" and version "3.6s\(.1\)"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.6s\(.2\) Search vendor "Cisco" for product "Ios Xe" and version "3.6s\(.2\)"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.7\(0\)s Search vendor "Cisco" for product "Ios Xe" and version "3.7\(0\)s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.7\(1\)as Search vendor "Cisco" for product "Ios Xe" and version "3.7\(1\)as"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.7\(2\)s Search vendor "Cisco" for product "Ios Xe" and version "3.7\(2\)s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.7\(3\)s Search vendor "Cisco" for product "Ios Xe" and version "3.7\(3\)s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.7\(4\)s Search vendor "Cisco" for product "Ios Xe" and version "3.7\(4\)s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.7\(5\)s Search vendor "Cisco" for product "Ios Xe" and version "3.7\(5\)s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.8.0s Search vendor "Cisco" for product "Ios Xe" and version "3.8.0s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.8s\(.0\) Search vendor "Cisco" for product "Ios Xe" and version "3.8s\(.0\)"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.8s\(.1\) Search vendor "Cisco" for product "Ios Xe" and version "3.8s\(.1\)"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.8s\(.2\) Search vendor "Cisco" for product "Ios Xe" and version "3.8s\(.2\)"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.9s\(.0\) Search vendor "Cisco" for product "Ios Xe" and version "3.9s\(.0\)"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.9s\(.1\) Search vendor "Cisco" for product "Ios Xe" and version "3.9s\(.1\)"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.9s\(.2\) Search vendor "Cisco" for product "Ios Xe" and version "3.9s\(.2\)"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.10 Search vendor "Cisco" for product "Ios Xe" and version "3.10"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.10.0s Search vendor "Cisco" for product "Ios Xe" and version "3.10.0s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.11.0s Search vendor "Cisco" for product "Ios Xe" and version "3.11.0s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.11.1s Search vendor "Cisco" for product "Ios Xe" and version "3.11.1s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.11.2s Search vendor "Cisco" for product "Ios Xe" and version "3.11.2s"		-		Affected