← back
CVE-2014-7992

CVE-2014-7992

23Vexday Risk Score

Patch soon. It has a working public exploit.

ssvc Attendepss 27%
from disclosure to weapon0 days
Published on NVDNov 18
metasploitNov 17
exploitation probability
27%top 2% of all CVEs
observed exploitation
nono source reports it
The DLSw implementation in Cisco IOS does not initialize packet buffers, which allows remote attackers to obtain sensitive credential information from process memory via a session on TCP port 2067, aka Bug ID CSCur14014.
Affected products
n/a · n/a