CVE-2014-3386
high
CVSS v3
—
CVSS v2
7.8
VIR risk
7.8
Description
The GPRS Tunneling Protocol (GTP) inspection engine in Cisco ASA Software 8.2 before 8.2(5.51), 8.4 before 8.4(7.15), 8.7 before 8.7(1.13), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted series of GTP packets, aka Bug ID CSCum56399.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: psirt@cisco.com — http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| cisco | asa | 8.2.5 | |
| cisco | asa | 8.2.5.13 | |
| cisco | asa | 8.2.5.22 | |
| cisco | asa | 8.2.5.26 | |
| cisco | asa | 8.2.5.33 | |
| cisco | asa | 8.2.5.41 | |
| cisco | asa | 8.2.5.46 | |
| cisco | asa | 8.2.5.48 | |
| cisco | asa | 8.2.5.49 | |
| cisco | asa | 8.4 | |
| cisco | asa | 8.4.1 | |
| cisco | asa | 8.4.2 | |
| cisco | asa | 8.4.3 | |
| cisco | asa | 8.4.4 | |
| cisco | asa | 8.4.5 | |
| cisco | asa | 8.4.6 | |
| cisco | asa | 8.4.7 | |
| cisco | asa | 8.7 | |
| cisco | asa | 9.0 | |
| cisco | asa | 9.1 | |
References
CWEs
CWE-399
Verify integrity in audit chain (admin only). AS-IS.