CVE-2014-3276
Description
Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier does not properly handle deadlock conditions during reception of crafted RADIUS accounting packets from multiple NAS devices, which allows remote authenticated users to cause a denial of service (RADIUS outage) by sourcing these packets from two origins, aka Bug ID CSCuo56780.
Risk Information
Base Score
4.3
MODERATE
Vector
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
EPSS Score
Exploitation Probability
0.585
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Cisco Identity Services Engine RADIUS Service Denial of Service Vulnerability For Cisco Identity Services Engine | NCM |
| CVE-2014-3276 | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1706002 | Security Update for Cisco Identity Services Engine 2.0(0.905) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234