CVE-2004-0710 - OpenCVE

IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Ios

Configuration 1 [-]

OR	cpe:2.3:o:cisco:ios:12.2\(14\)sy:::::::*
	cpe:2.3:o:cisco:ios:12.2\(14\)za:::::::*
	cpe:2.3:o:cisco:ios:12.2\(14\)za2:::::::*
	cpe:2.3:o:cisco:ios:12.2\(17a\)sxa:::::::*
	cpe:2.3:o:cisco:ios:12.2sxa:::::::*
	cpe:2.3:o:cisco:ios:12.2sxb:::::::*
	cpe:2.3:o:cisco:ios:12.2sy:::::::*
	cpe:2.3:o:cisco:ios:12.2za:::::::*

No data.

References

Link	Providers
http://www.cisco.com/warp/public/707/cisco-sa-20040408-vpnsm.shtml
http://www.kb.cert.org/vuls/id/904310
http://www.securityfocus.com/bid/10083
https://exchange.xforce.ibmcloud.com/vulnerabilities/15797
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5696

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2004-07-21T04:00:00

Updated: 2024-08-08T00:24:27.061Z

Reserved: 2004-07-20T00:00:00

Link: CVE-2004-0710

Vulnrichment

No data.

NVD

Status : Modified

Published: 2004-07-27T04:00:00.000

Modified: 2017-10-11T01:29:31.293

Link: CVE-2004-0710

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-04-08T00:00:00", "descriptions": [{"lang": "en", "value": "IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "VU#904310", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/904310"}, {"name": "20040408 Cisco IPSec VPN Services Module Malformed IKE Packet Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040408-vpnsm.shtml"}, {"name": "oval:org.mitre.oval:def:5696", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5696"}, {"name": "cisco-vpnsm-ike-dos(15797)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15797"}, {"name": "10083", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/10083"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0710", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "VU#904310", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/904310"}, {"name": "20040408 Cisco IPSec VPN Services Module Malformed IKE Packet Vulnerability", "refsource": "CISCO", "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040408-vpnsm.shtml"}, {"name": "oval:org.mitre.oval:def:5696", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5696"}, {"name": "cisco-vpnsm-ike-dos(15797)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15797"}, {"name": "10083", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10083"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T00:24:27.061Z"}, "title": "CVE Program Container", "references": [{"name": "VU#904310", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/904310"}, {"name": "20040408 Cisco IPSec VPN Services Module Malformed IKE Packet Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040408-vpnsm.shtml"}, {"name": "oval:org.mitre.oval:def:5696", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5696"}, {"name": "cisco-vpnsm-ike-dos(15797)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15797"}, {"name": "10083", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/10083"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0710", "datePublished": "2004-07-21T04:00:00", "dateReserved": "2004-07-20T00:00:00", "dateUpdated": "2024-08-08T00:24:27.061Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*", "matchCriteriaId": "CD1F4148-E772-4708-8C1F-D67F969C11DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)za:*:*:*:*:*:*:*", "matchCriteriaId": "26835676-2738-47CB-A364-78D1964FEC4D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)za2:*:*:*:*:*:*:*", "matchCriteriaId": "209A1BE7-EEFC-476E-84E4-4EFD68DD7E81", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.2\\(17a\\)sxa:*:*:*:*:*:*:*", "matchCriteriaId": "CE7F49F3-0A0A-4270-A657-CDE987637684", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.2sxa:*:*:*:*:*:*:*", "matchCriteriaId": "E7A672BD-87AE-424D-8735-073BBE9CE164", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.2sxb:*:*:*:*:*:*:*", "matchCriteriaId": "95C033E3-184B-4AC1-B10D-8318FEAF73FB", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*", "matchCriteriaId": "09458CD7-D430-4957-8506-FAB2A3E2AA65", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*", "matchCriteriaId": "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet."}, {"lang": "es", "value": "El M\u00f3dulo de Servicios de Seguridad VPN (VPNSM) del Cisco Catalyst 6500 Series Switch y el Cisco 7600 Series Internet Routers corriendo IOS anterioreas a 12.2(17b)SXA, anteriores a 12.2(17d)SXB, o anteriores a before 12.2(14)SY03) podr\u00eda permitir a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda y reinicio del dispositivo) mediante un paquete Internet Key Exchange (IKE) malformado."}], "id": "CVE-2004-0710", "lastModified": "2017-10-11T01:29:31.293", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2004-07-27T04:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040408-vpnsm.shtml"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/904310"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.securityfocus.com/bid/10083"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15797"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5696"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}