Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0683

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2014-0683
Last Modified 07 Mar 2014 02:14:22
Published 06 Mar 2014 06:55:05
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-0683

Summary

The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275.

Vulnerable Systems

Operating System

  • Cisco Cvr100w Firmware 1.0.1.19

  • Cisco Rv110w Firmware 1.2.0.9

  • Cisco Rv215w Firmware 1.1.0.5


References

CISCO - 20140305 Cisco Small Business Router Password Disclosure Vulnerability


Last Updated: 27 May 2016 11:04:34