CVE-2014-3262

Cisco IOS < 15.3(3)S and IOS XE - Denial of Service via Malformed LISP ITR Control Messages

Title source: llm
STIX 2.1

Description

The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.3(3)S and earlier and IOS XE does not properly validate parameters in ITR control messages, which allows remote attackers to cause a denial of service (CEF outage and packet drops) via malformed messages, aka Bug ID CSCun73782.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1030243

Scores

EPSS 0.0155
EPSS Percentile 72.2%

Details

CWE
CWE-20
Status published
Products (5)
cisco/ios 15.3\(3\)m
cisco/ios 15.3m
cisco/ios 15.3s
cisco/ios < 15.3\(3\)s
cisco/ios_xe
Published May 16, 2014
Tracked Since Feb 18, 2026