CVE-2014-3356

EUVD-2014-3369
The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allows remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCue22753.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
Affected Products (NVD)
VendorProductVersion
ciscoios_xe
3.3\(.0\)xo
ciscoios_xe
3.6.0s:s
ciscoios_xe
3.6.1s:s
ciscoios_xe
3.6.2s:s
ciscoios_xe
3.7\(0\)s
ciscoios_xe
3.7\(1\)as
ciscoios_xe
3.7\(2\)s
ciscoios_xe
3.7\(3\)s
ciscoios_xe
3.7\(4\)s
ciscoios_xe
3.7\(5\)s
ciscoios_xe
3.8\(0\)s
ciscoios_xe
3.8\(1\)s
ciscoios_xe
3.8\(2\)s
ciscoios_xe
3.9\(0\)s
ciscoios_xe
3.9\(1a\)s
ciscoios_xe
3.9\(2\)s
ciscoios_xe
3.10s:s
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-metadata
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-metadata/cvrf/cisco-sa-20140924-metadata_cvrf.xml
http://www.securityfocus.com/bid/70135
http://www.securitytracker.com/id/1030894
https://exchange.xforce.ibmcloud.com/vulnerabilities/96176
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-metadata
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-metadata/cvrf/cisco-sa-20140924-metadata_cvrf.xml
http://www.securityfocus.com/bid/70135
http://www.securitytracker.com/id/1030894
https://exchange.xforce.ibmcloud.com/vulnerabilities/96176