CVE-2014-3385
Cisco ASA Software 8.3-9.1 - Denial of Service via TCP Half-Open Connection Race Condition
Title source: llmDescription
Race condition in the Health and Performance Monitoring (HPM) for ASDM feature in Cisco ASA Software 8.3 before 8.3(2.42), 8.4 before 8.4(7.11), 8.5 before 8.5(1.19), 8.6 before 8.6(1.13), 8.7 before 8.7(1.11), 9.0 before 9.0(4.8), and 9.1 before 9.1(4.5) allows remote attackers to cause a denial of service (device reload) via TCP traffic that triggers many half-open connections at the same time, aka Bug ID CSCum00556.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa
Scores
EPSS
0.0101
EPSS Percentile
58.6%
Details
CWE
CWE-362
Status
published
Products (16)
cisco/asa
8.3
cisco/asa
8.3.2.25
cisco/asa
8.4
cisco/asa
8.4.1
cisco/asa
8.4.2
cisco/asa
8.4.3
cisco/asa
8.4.4
cisco/asa
8.4.5
cisco/asa
8.4.6
cisco/asa
8.4.7
... and 6 more
Published
Oct 10, 2014
Tracked Since
Feb 18, 2026