CVE-2014-3362 : Memory leak in Cisco TelePresence System Edge MXP Series Software F9.3.3 and ear

Memory leak in Cisco TelePresence System Edge MXP Series Software F9.3.3 and earlier allows remote attackers to cause a denial of service (management outage) via multiple TELNET connections, aka Bug ID CSCuo63677.

Published 2014-09-12 01:55:07

Updated 2025-04-12 10:46:41

Source Cisco Systems, Inc.

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2014-3362

Cisco » Telepresence System Software
Versions up to, including, (<=) f9.3.3
cpe:2.3:a:cisco:telepresence_system_software:*:*:*:*:*:*:*:*
Matching versions
Cisco » Telepresence System Software » Version: F9.1.2
cpe:2.3:a:cisco:telepresence_system_software:f9.1.2:*:*:*:*:*:*:*
Matching versions
Cisco » Telepresence System Software » Version: Fnc9.1.2
cpe:2.3:a:cisco:telepresence_system_software:fnc9.1.2:*:*:*:*:*:*:*
Matching versions
Cisco » Telepresence System Software » Version: F9.1.1
cpe:2.3:a:cisco:telepresence_system_software:f9.1.1:*:*:*:*:*:*:*
Matching versions
Cisco » Telepresence System Software » Version: Fnc9.1.1
cpe:2.3:a:cisco:telepresence_system_software:fnc9.1.1:*:*:*:*:*:*:*
Matching versions
Cisco » Telepresence System Software » Version: Fnc9.1.0
cpe:2.3:a:cisco:telepresence_system_software:fnc9.1.0:*:*:*:*:*:*:*
Matching versions
Cisco » Telepresence System Software » Version: F9.0.1
cpe:2.3:a:cisco:telepresence_system_software:f9.0.1:*:*:*:*:*:*:*
Matching versions
Cisco » Telepresence System Software » Version: Fnc9.3
cpe:2.3:a:cisco:telepresence_system_software:fnc9.3:*:*:*:*:*:*:*
Matching versions
Cisco » Telepresence System Software » Version: F9.1.0
cpe:2.3:a:cisco:telepresence_system_software:f9.1.0:*:*:*:*:*:*:*
Matching versions
Cisco » Telepresence System Software » Version: F9.0.2
cpe:2.3:a:cisco:telepresence_system_software:f9.0.2:*:*:*:*:*:*:*
Matching versions
Cisco » Telepresence System Software » Version: F9.3.1
cpe:2.3:a:cisco:telepresence_system_software:f9.3.1:*:*:*:*:*:*:*
Matching versions
Cisco » Telepresence System Software » Version: F9.3
cpe:2.3:a:cisco:telepresence_system_software:f9.3:*:*:*:*:*:*:*
Matching versions
Cisco » Telepresence System Edge 95 Mxp » Version: N/A
cpe:2.3:h:cisco:telepresence_system_edge_95_mxp:-:*:*:*:*:*:*:*
Matching versions
Cisco » Telepresence System Edge 85 Mxp » Version: N/A
cpe:2.3:h:cisco:telepresence_system_edge_85_mxp:-:*:*:*:*:*:*:*
Matching versions
Cisco » Telepresence System Edge 75 Mxp » Version: N/A
cpe:2.3:h:cisco:telepresence_system_edge_75_mxp:-:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2014-3362

EPSS FAQ

0.77%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 71 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2014-3362

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.8	HIGH	AV:N/AC:L/Au:N/C:N/I:N/A:C	10.0	6.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete

CWE ids for CVE-2014-3362

CWE-399

Assigned by: nvd@nist.gov (Primary)

References for CVE-2014-3362

http://tools.cisco.com/security/center/viewAlert.x?alertId=35674

Cisco TelePresence System MXP Series Software Denial of Service Vulnerability
Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3362

Cisco TelePresence System MXP Series Software Denial of Service Vulnerability
Vendor Advisory
http://secunia.com/advisories/61072

Sign in
https://exchange.xforce.ibmcloud.com/vulnerabilities/95883

Cisco TelePresence System MXP Series Software denial of service CVE-2014-3362 Vulnerability Report

Jump to

Vulnerability Details : CVE-2014-3362

Products affected by CVE-2014-3362

Exploit prediction scoring system (EPSS) score for CVE-2014-3362

CVSS scores for CVE-2014-3362

CWE ids for CVE-2014-3362

References for CVE-2014-3362