Cisco Intrusion Prevention System Denial of Service Vulnerability (CVE-2014-3402)
Release date: 2014-10-07
Updated on: 2014-10-09
Affected Systems:
Cisco IPS
Description:
Bugtraq id: 70278
CVE (CAN) ID: CVE-2014-3402
Cisco Intrusion Prevention System is a Cisco Intrusion Prevention System that provides online Deep Packet detection.
The Web framework of Cisco Intrusion Prevention System (IPS) Software has a security vulnerability. unauthenticated remote attackers can exploit this vulnerability to cause no response from the MainApp process.
<* Source: Cisco
Link: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3402
*>
Suggestion:
Vendor patch:
Cisco
-----
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://tools.cisco.com/security/center/publicationListing.x #~ CiscoSecurityResponse
This article permanently updates the link address: