CVE-2014-3308

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2014-3308
Cisco IOS XR on Trident line cards in ASR 9000 devices lacks a static punt policer, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted packets, aka Bug ID CSCun83985.

6.4 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:P

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://secunia.com/advisories/58869
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3308 Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=34843 Vendor Advisory
http://www.securityfocus.com/bid/68351 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030525 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:asr_9000_rsp440_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*
History

No history.

Information

Published : 2014-07-07 11:01

Updated : 2024-02-28 12:20

NVD link : CVE-2014-3308

Mitre link : CVE-2014-3308

CVE.ORG link : CVE-2014-3308

JSON object : View

Products Affected

cisco

  • asr_9000_rsp440_router
  • ios_xr
  • asr_9006
  • asr_9904
  • asr_9912
  • asr_9010
  • asr_9001
  • asr_9922
CWE
CWE-20

Improper Input Validation


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024