Skip to main content

Intrusion Prevention System CVE-2014-3402

MEDIUM
Improper Authentication (CWE-287)
2014-10-10 psirt@cisco.com
5.0
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
5.0 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:L/Au:N/C:N/I:N/A:P
Attack Vector
Network
Attack Complexity
Low
Confidentiality
None
Integrity
None
Availability
P

Lifecycle Timeline

1
CVE Published
Oct 10, 2014 - 10:55 cve.org
MEDIUM 5.0

DescriptionCVE.org

The authentication-manager process in the web framework in Cisco Intrusion Prevention System (IPS) 7.0(8)E4 and earlier in Cisco Intrusion Detection System (IDS) does not properly manage user tokens, which allows remote attackers to cause a denial of service (temporary MainApp hang) via a crafted connection request to the management interface, aka Bug ID CSCuq39550.

AnalysisAI

The authentication-manager process in the web framework in Cisco Intrusion Prevention System (IPS) 7.0(8)E4 and earlier in Cisco Intrusion Detection System (IDS) does not properly manage user tokens,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Improper Authentication (CWE-287), which allows attackers to bypass authentication mechanisms to gain unauthorized access. The authentication-manager process in the web framework in Cisco Intrusion Prevention System (IPS) 7.0(8)E4 and earlier in Cisco Intrusion Detection System (IDS) does not properly manage user tokens, which allows remote attackers to cause a denial of service (temporary MainApp hang) via a crafted connection request to the management interface, aka Bug ID CSCuq39550. Affected products include: Cisco Intrusion Prevention System.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement multi-factor authentication, enforce strong password policies, use proven authentication frameworks.

CVE-2013-3411 HIGH
7.8 Jul 18

The IDSM-2 drivers in Cisco Intrusion Prevention System (IPS) Software on Cisco Catalyst 6500 devices with an IDSM-2 mod

CVE-2013-3410 HIGH
7.8 Jul 18

Cisco Intrusion Prevention System (IPS) Software on IPS NME devices before 7.0(9)E4 allows remote attackers to cause a d

CVE-2013-1243 HIGH
7.8 Jul 18

The IP stack in Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software and hardware modules bef

CVE-2013-1218 HIGH
7.8 Jul 18

Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software modules before 7.1(7)sp1E4 allows remote

CVE-2015-0654 HIGH
7.1 Mar 13

Race condition in the TLS implementation in MainApp in the management interface in Cisco Intrusion Prevention System (IP

CVE-2014-3406 HIGH
7.1 Oct 19

Race condition in the IP logging feature in Cisco Intrusion Prevention System (IPS) Software 7.1(7)E4 and earlier allows

CVE-2014-2103 MEDIUM
6.8 Feb 27

Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process o

CVE-2012-3901 MEDIUM
5.0 Sep 16

The updateTime function in sensorApp on Cisco IPS 4200 series sensors 7.0 and 7.1 allows remote attackers to cause a den

CVE-2012-3899 MEDIUM
5.0 Sep 16

sensorApp on Cisco IPS 4200 series sensors 6.0, 6.2, and 7.0 does not properly allocate memory, which allows remote atta

CVE-2013-5497 MEDIUM
4.3 Sep 19

The authentication manager process in the web framework in Cisco Intrusion Prevention System (IPS) does not properly han

CVE-2013-1219 MEDIUM
4.4 Apr 29

SensorApp in Cisco Intrusion Prevention System (IPS) allows local users to cause a denial of service (Regex hardware job

Share

CVE-2014-3402 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy