Vulnerability Details CVE-2014-7997
The DHCP implementation in Cisco IOS on Aironet access points does not properly handle error conditions with short leases and unsuccessful lease-renewal attempts, which allows remote attackers to cause a denial of service (device restart) by triggering a transition into a recovery state that was intended to involve a network-interface restart but actually involves a full device restart, aka Bug ID CSCtn16281.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.9%
CVSS Severity
CVSS v2 Score 6.1
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-7997
- http://www.securitytracker.com/id/1031218
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98691
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-7997
- http://www.securitytracker.com/id/1031218
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98691
Products affected by CVE-2014-7997
-
cpe:2.3:h:cisco:aironet_1040:-
-
cpe:2.3:h:cisco:aironet_1140:-
-
cpe:2.3:h:cisco:aironet_1260:-
-
cpe:2.3:h:cisco:aironet_3500:-
-
cpe:2.3:h:cisco:aironet_3600:-
-
cpe:2.3:h:cisco:aironet_3600e:-
-
cpe:2.3:h:cisco:aironet_3600i:-
-
cpe:2.3:h:cisco:aironet_3600p:-
-
cpe:2.3:h:cisco:aironet_600_office_extend:-
-
cpe:2.3:h:cisco:aironet_ap1100:-
-
cpe:2.3:h:cisco:aironet_ap1130ag:-
-
cpe:2.3:h:cisco:aironet_ap1131:-
-
cpe:2.3:h:cisco:aironet_ap1200:-
-
cpe:2.3:h:cisco:aironet_ap1230ag:-
-
cpe:2.3:h:cisco:aironet_ap1240:-
-
cpe:2.3:h:cisco:aironet_ap1240ag:-
-
cpe:2.3:h:cisco:aironet_ap1300:-
-
cpe:2.3:h:cisco:aironet_ap1400:-
-
cpe:2.3:h:cisco:aironet_ap340:-
-
cpe:2.3:h:cisco:aironet_ap340:11.21
-
cpe:2.3:h:cisco:aironet_ap350:-
-
cpe:2.3:h:cisco:aironet_ap350:11.21
-
cpe:2.3:o:cisco:ios:-