Denial of Service Vulnerability in Cisco Transport Gateway for Smart Call Home
CVE-2014-3346

Currently unrated

Key Information:

Vendor: Cisco
Status: Transport Gateway Installation Software
Vendor: CVE Published:; 29 August 2014

What is CVE-2014-3346?

The web framework within Cisco's Transport Gateway for Smart Call Home fails to properly validate specific input parameters. This insufficiency allows remote authenticated users to exploit the vulnerability, potentially leading to a denial of service by sending a crafted string that results in a service crash. Effectively, this poses a risk to the availability of services relying on the application framework.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1030773

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/69441

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 29, 2014
Vulnerability Reserved
May 7, 2014