Vulnerability in Cisco Firewall_services_module_software

CVE-2014-0710

Race condition in the cut-through proxy feature in Cisco Firewall Services Module (FWSM) Software 3.x before 3.2(28) and 4.x before 4.1(15) allows remote attackers to cause a denial of service (device reload) via certain matching traffic…

Vulnerability class: Race Condition

EPSS: 0.003 (54.4th percentile) — read the EPSS interpretation.

Affected products

Cisco Firewall_services_module_software — versions 3.1, 3.1\(2\), 3.1\(3\)
N/a — versions n/a

Weakness classification (CWE)

CWE-362 — Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)

References

20140219 Cisco Firewall Services Module Cut-Through Proxy Denial of Service Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)