CVE-2014-3407CVE-2014-3407

Affected configuration(s):

cpe:/a:cisco:adaptive_security_appliance_software:9.3%28.2%29

Date published: 2014-11-27T21:59:00.080-05:00

Date last modified: 2014-11-28T10:41:31.890-05:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3407

Summary: The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCuq68888.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.