CVE-2014-2139CVE-2014-2139

Affected configuration(s):

cpe:/h:cisco:ons_15454
cpe:/o:cisco:cisco_ons_15454_system_software:9.0
cpe:/o:cisco:cisco_ons_15454_system_software:9.1
cpe:/o:cisco:cisco_ons_15454_system_software:9.2
cpe:/o:cisco:cisco_ons_15454_system_software:9.2.1
cpe:/o:cisco:cisco_ons_15454_system_software:9.2.2
cpe:/o:cisco:cisco_ons_15454_system_software:9.3
cpe:/o:cisco:cisco_ons_15454_system_software:9.4
cpe:/o:cisco:cisco_ons_15454_system_software:9.6

Date published: 2014-04-12T00:37:31.817-04:00

Date last modified: 2014-04-14T14:05:46.210-04:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2139

Summary: Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (flash write outage) via a TCP FIN attack that triggers file-descriptor exhaustion, aka Bug ID CSCug97315.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.