1. Home
  2. CVE Database
  3. CVE-2014-3348
MEDIUM · 5.0

CVE-2014-3348

The SSH module in the Integrated Management Controller (IMC) before 2.3.1 in Cisco Unified Computing System on E-Series blade servers allows remote attackers to cause a denial of service (IMC hang) vi...

Vulnerability Description

The SSH module in the Integrated Management Controller (IMC) before 2.3.1 in Cisco Unified Computing System on E-Series blade servers allows remote attackers to cause a denial of service (IMC hang) via a crafted SSH packet, aka Bug ID CSCuo69206.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:N/I:N/A:P
Confidentiality
NONE
Integrity
NONE
Availability
PARTIAL

Affected Products

VendorProductVersions
CiscoIntegrated Management Controller<= 2.2.2
CiscoUnified Computing System E140D-
CiscoUnified Computing System E140Dp-
CiscoUnified Computing System E140S M1-
CiscoUnified Computing System E140S M2-
CiscoUnified Computing System E160D-
CiscoUnified Computing System E160Dp-
CiscoUnified Computing System En120S M2-

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2014-3348?

CVE-2014-3348 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The SSH module in the Integrated Management Controller (IMC) before 2.3.1 in Cisco Unified Computing System on E-Series blade servers allows remote attackers to cause a denial of service (IMC hang) vi...

How severe is CVE-2014-3348?

CVE-2014-3348 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-3348?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Integrated Management Controller, Cisco Unified Computing System E140D, Cisco Unified Computing System E140Dp, Cisco Unified Computing System E140S M1, Cisco Unified Computing System E140S M2.