Denial of Service Vulnerability in Cisco Unified Computing System on E-Series Blade Servers
CVE-2014-3348

Currently unrated

Key Information:

Vendor: Cisco
Status: Integrated Management Controller; Unified Computing System E140d; Unified Computing System E140dp; Unified Computing System E140s M1
Vendor: CVE Published:; 10 September 2014

Summary

The SSH module in the Integrated Management Controller (IMC) of Cisco Unified Computing System E-Series blade servers, prior to version 2.3.1, is vulnerable to a denial of service attack. Attackers can exploit this vulnerability by sending specially crafted SSH packets, which may cause the IMC to hang and cease functioning. This disruption of service can significantly impact operations, making it essential for users of affected products to apply necessary patches and updates.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/69652

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Sep 10, 2014
Vulnerability Reserved
May 7, 2014