CVE-2014-3276

medium

Cisco

CVSS v3 Base Score

4.0

AV:N/AC:L/Au:S/C:N/I:N/A:P

EPSS Score

0.6%

Exploitation probability in 30 days

Top 31% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

None

Integrity

None

Availability

Published: May 26, 2014 (4371 days ago)

Last Modified: May 6, 2026

Vendor: Cisco

Source: NVD

Description

Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier does not properly handle deadlock conditions during reception of crafted RADIUS accounting packets from multiple NAS devices, which allows remote authenticated users to cause a denial of service (RADIUS outage) by sourcing these packets from two origins, aka Bug ID CSCuo56780.

CWE

CWE-399

Affected Products

cisco identity services engine software

References

🔗 tools.cisco.com 🔗 tools.cisco.com 🔗 www.securitytracker.com 🔗 tools.cisco.com 🔗 tools.cisco.com

CVE-2014-3276

Vulnerability Report

Description

CWE

Affected Products

References