CVE-2014-3355

The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allows remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCug75942.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:C
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 76%
VendorProductVersion
ciscoios_xe
3.3\(.0\)xo
ciscoios_xe
3.6.0s:s
ciscoios_xe
3.6.1s:s
ciscoios_xe
3.6.2s:s
ciscoios_xe
3.7\(0\)s
ciscoios_xe
3.7\(1\)as
ciscoios_xe
3.7\(2\)s
ciscoios_xe
3.7\(3\)s
ciscoios_xe
3.7\(4\)s
ciscoios_xe
3.7\(5\)s
ciscoios_xe
3.8\(0\)s
ciscoios_xe
3.8\(1\)s
ciscoios_xe
3.8\(2\)s
ciscoios_xe
3.9\(0\)s
ciscoios_xe
3.9\(1a\)s
ciscoios_xe
3.9\(2\)s
ciscoios_xe
3.10s:s
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-metadata
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-metadata/cvrf/cisco-sa-20140924-metadata_cvrf.xml
http://www.securityfocus.com/bid/70130
http://www.securitytracker.com/id/1030894
https://exchange.xforce.ibmcloud.com/vulnerabilities/96175
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-metadata
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-metadata/cvrf/cisco-sa-20140924-metadata_cvrf.xml
http://www.securityfocus.com/bid/70130
http://www.securitytracker.com/id/1030894
https://exchange.xforce.ibmcloud.com/vulnerabilities/96175