Vulnerabilities > CVE-2014-2143 - Denial of Service vulnerability in Cisco IOS XE

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
cisco
nessus
NVD
Published: 2014-04-04
Updated: 2014-04-04

Summary

The IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE allows remote attackers to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID CSCun31021.

Vulnerable Configurations

Part Description Count
OS
Cisco
5160

Nessus

NASL familyCISCO
NASL idCISCO_IOS_CSCUN31021.NASL
descriptionThe Cisco Internet Key Exchange (IKE) module has a denial of service vulnerability. According to its self-reported IOS version, the remote device may be affected by this vulnerability. The IKE module does not handle specially crafted main mode packets and can allow established IKE security associations to be damaged.
last seen2020-06-01
modified2020-06-02
plugin id73736
published2014-04-28
reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/73736
titleCisco IOS IKE Module DoS
code
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(73736);
  script_version("1.6");
  script_cvs_date("Date: 2019/11/26");

  script_cve_id("CVE-2014-2143");
  script_bugtraq_id(66628);
  script_xref(name:"CISCO-BUG-ID", value:"CSCun31021");

  script_name(english:"Cisco IOS IKE Module DoS");
  script_summary(english:"Checks IOS version");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
  script_set_attribute(attribute:"description", value:
"The Cisco Internet Key Exchange (IKE) module has a denial of service
vulnerability. According to its self-reported IOS version, the remote
device may be affected by this vulnerability. The IKE module does not
handle specially crafted main mode packets and can allow established
IKE security associations to be damaged.");
  # https://tools.cisco.com/security/center/viewAlert.x?alertId=33639
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?128edb78");
  script_set_attribute(attribute:"see_also", value:"https://tools.cisco.com/security/center/viewAlert.x?alertId=33639");
  script_set_attribute(attribute:"solution", value:
"Contact Cisco for updated software.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-2143");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/04/03");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/04/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/04/28");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CISCO");

  script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("cisco_ios_version.nasl");
  script_require_keys("Host/Cisco/IOS/Version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

version = get_kb_item_or_exit("Host/Cisco/IOS/Version");

if (
  version == '15.4T'      ||
  version == '15.4(1)T'   ||
  version == '15.4S'      ||
  version == '15.4(3)S'
) security_warning(0);
else audit(AUDIT_INST_VER_NOT_VULN, 'IOS', version);

References