T
he SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCuq68888.
References
| Link | Resource |
|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3407 | Broken Link Vendor Advisory |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=36542 | Vendor Advisory |
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3407 | Broken Link Vendor Advisory |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=36542 | Vendor Advisory |
Configurations
History
21 Nov 2024, 02:08
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3407 - Broken Link, Vendor Advisory | |
| References | () http://tools.cisco.com/security/center/viewAlert.x?alertId=36542 - Vendor Advisory |
Information
Published : 2014-11-28 02:59
Updated : 2025-04-12 10:46
NVD link : CVE-2014-3407
Mitre link : CVE-2014-3407
CVE.ORG link : CVE-2014-3407
JSON object : View
Products Affected
CWE
CWE-400
Uncontrolled Resource Consumption