PT-2014-1316 · Cisco · Cisco Firewall Services Module (Fwsm)

Published

2014-02-22

Updated

2014-02-24

CVE-2014-0710

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Cisco Firewall Services Module (FWSM) Software versions 3.x before 3.2(28) Cisco Firewall Services Module (FWSM) Software versions 4.x before 4.1(15)

Description A race condition in the cut-through proxy feature of the Cisco Firewall Services Module (FWSM) allows remote attackers to cause a denial of service, resulting in a device reload, by sending specially crafted traffic.

Recommendations For versions 3.x before 3.2(28), update to version 3.2(28) or later to resolve the issue. For versions 4.x before 4.1(15), update to version 4.1(15) or later to resolve the issue.

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

BDU:2015-00163

CVE-2014-0710

Affected Products

Cisco Firewall Services Module (Fwsm)

PT-2014-1316 · Cisco · Cisco Firewall Services Module (Fwsm)

CVE-2014-0710

Weakness Enumeration

Related Identifiers

Affected Products

References · 5