CVE-2014-3342

The CLI in Cisco IOS XR allows remote authenticated users to obtain sensitive information via unspecified commands, aka Bug IDs CSCuq42336, CSCuq76853, CSCuq76873, and CSCuq45383.

CVSS v2.0 4.0 MEDIUM

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3342	Vendor Advisory
http://www.securityfocus.com/bid/69735
https://exchange.xforce.ibmcloud.com/vulnerabilities/95884
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3342	Vendor Advisory
http://www.securityfocus.com/bid/69735
https://exchange.xforce.ibmcloud.com/vulnerabilities/95884

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:cisco:cli:*:*:*:*:*:*:*:*

cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:07

Type	Values Removed	Values Added
References	~~() http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3342 - Vendor Advisory~~	() http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3342 - Vendor Advisory
References	~~() http://www.securityfocus.com/bid/69735 -~~	() http://www.securityfocus.com/bid/69735 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/95884 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/95884 -

Information

Published : 2014-09-12 01:55

Updated : 2024-11-21 02:07

NVD link : CVE-2014-3342

Mitre link : CVE-2014-3342

CVE.ORG link : CVE-2014-3342

JSON object : View

Products Affected

cisco

ios_xr
cli

CWE

NVD-CWE-noinfo

{"id": "CVE-2014-3342", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-09-12T01:55:06.967", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3342", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securityfocus.com/bid/69735", "source": "ykramarz@cisco.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95884", "source": "ykramarz@cisco.com"}, {"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3342", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/69735", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95884", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "The CLI in Cisco IOS XR allows remote authenticated users to obtain sensitive information via unspecified commands, aka Bug IDs CSCuq42336, CSCuq76853, CSCuq76873, and CSCuq45383."}, {"lang": "es", "value": "El CLI en Cisco IOS XR permite a usuarios remotos autenticados obtener informaci\u00f3n sensible a trav\u00e9s de comandos no especificados, tambi\u00e9n conocido como Bug IDs CSCuq42336, CSCuq76853, CSCuq76873, y CSCuq45383."}], "lastModified": "2024-11-21T02:07:54.187", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:cli:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "687692A2-8316-4AF0-A121-87B1E3A59370"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C15E168-11DA-4219-B689-78BC48935263"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}