CVE-2014-7997
Severity Score
6.1
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The DHCP implementation in Cisco IOS on Aironet access points does not properly handle error conditions with short leases and unsuccessful lease-renewal attempts, which allows remote attackers to cause a denial of service (device restart) by triggering a transition into a recovery state that was intended to involve a network-interface restart but actually involves a full device restart, aka Bug ID CSCtn16281.
La implementación DHCP en Cisco IOS en puntos de acceso Aironet no maneja debidamente las condiciones de error con concesiones cortas ni los intentos de renovación de concesión sin éxito, lo que permite a atacantes remotos causar una denegación de servicio (reinicio del dispositivo) mediante la activación de una transición a un estado de recuperación con la intención de provocar un reinicio de la interfaz de red, pero en realidad implica un reinicio completo del dispositivo, también conocido como Bug ID CSCtn16281.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2014-10-08 CVE Reserved
- 2014-11-15 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securitytracker.com/id/1031218 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/98691 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-7997 | 2017-09-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1040 Search vendor "Cisco" for product "Aironet 1040" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1140 Search vendor "Cisco" for product "Aironet 1140" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1260 Search vendor "Cisco" for product "Aironet 1260" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 3500 Search vendor "Cisco" for product "Aironet 3500" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 3600 Search vendor "Cisco" for product "Aironet 3600" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 3600e Search vendor "Cisco" for product "Aironet 3600e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 3600i Search vendor "Cisco" for product "Aironet 3600i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 3600p Search vendor "Cisco" for product "Aironet 3600p" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 600 Office Extend Search vendor "Cisco" for product "Aironet 600 Office Extend" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet Ap1100 Search vendor "Cisco" for product "Aironet Ap1100" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet Ap1130ag Search vendor "Cisco" for product "Aironet Ap1130ag" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet Ap1131 Search vendor "Cisco" for product "Aironet Ap1131" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet Ap1200 Search vendor "Cisco" for product "Aironet Ap1200" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet Ap1230ag Search vendor "Cisco" for product "Aironet Ap1230ag" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet Ap1240 Search vendor "Cisco" for product "Aironet Ap1240" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet Ap1240ag Search vendor "Cisco" for product "Aironet Ap1240ag" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet Ap1300 Search vendor "Cisco" for product "Aironet Ap1300" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet Ap1400 Search vendor "Cisco" for product "Aironet Ap1400" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet Ap340 Search vendor "Cisco" for product "Aironet Ap340" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet Ap340 Search vendor "Cisco" for product "Aironet Ap340" | 11.21 Search vendor "Cisco" for product "Aironet Ap340" and version "11.21" | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet Ap350 Search vendor "Cisco" for product "Aironet Ap350" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet Ap350 Search vendor "Cisco" for product "Aironet Ap350" | 11.21 Search vendor "Cisco" for product "Aironet Ap350" and version "11.21" | - |
Safe
|