Vulnerabilities > CVE-2014-3347 - Resource Management Errors vulnerability in Cisco products

CVSS 5.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

high complexity

cisco

CWE-399

NVD

Published: 2014-08-28

Updated: 2017-08-29

Summary

Cisco IOS 15.1(4)M2 on Cisco 1800 ISR devices, when the ISDN Basic Rate Interface is enabled, allows remote attackers to cause a denial of service (device hang) by leveraging knowledge of the ISDN phone number to trigger an interrupt timer collision during entropy collection, leading to an invalid state of the hardware encryption module, aka Bug ID CSCul77897.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco IOS 15.1\(4\)M2	1
Hardware	Cisco Cisco 1801 Integrated Service Router - Cisco 1802 Integrated Service Router - Cisco 1803 Integrated Service Router - Cisco 1811 Integrated Service Router - Cisco 1812 Integrated Service Router - Cisco 1841 Integrated Service Router - Cisco 1861 Integrated Service Router -	7

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References