CVE-2014-2139 | Vulnerability Database | Aqua Security

Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (flash write outage) via a TCP FIN attack that triggers file-descriptor exhaustion, aka Bug ID CSCug97315.

Affected Software

Name	Vendor	Start Version	End Version
Cisco_ons_15454_system_software	Cisco	*	9.6 (including)
Cisco_ons_15454_system_software	Cisco	9.0 (including)	9.0 (including)
Cisco_ons_15454_system_software	Cisco	9.1 (including)	9.1 (including)
Cisco_ons_15454_system_software	Cisco	9.2 (including)	9.2 (including)
Cisco_ons_15454_system_software	Cisco	9.2.1 (including)	9.2.1 (including)
Cisco_ons_15454_system_software	Cisco	9.2.2 (including)	9.2.2 (including)
Cisco_ons_15454_system_software	Cisco	9.3 (including)	9.3 (including)
Cisco_ons_15454_system_software	Cisco	9.4 (including)	9.4 (including)

References

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2139
http://tools.cisco.com/security/center/viewAlert.x?alertId=33681
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2139
http://tools.cisco.com/security/center/viewAlert.x?alertId=33681

NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-2139
CWE	https://cwe.mitre.org/data/definitions/.html