CVE-2014-3295
Cisco NX-OS < 6.2(2a) - Unauthenticated Denial of Service via Malformed HSRP Packets
Title source: llmDescription
The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows remote attackers to bypass authentication and cause a denial of service (group-member state modification and traffic blackholing) via malformed HSRP packets, aka Bug ID CSCup11309.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/67983
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3295
Vendor Advisory x_refsource_confirm
http://tools.cisco.com/security/center/viewAlert.x?alertId=34585
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1030409
Permissions Required third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/59158
Scores
EPSS
0.0112
EPSS Percentile
62.0%
Details
CWE
CWE-287
Status
published
Products (34)
cisco/nx-os
4.1.\(2\)
cisco/nx-os
4.1.\(3\)
cisco/nx-os
4.1.\(4\)
cisco/nx-os
4.1.\(5\)
cisco/nx-os
4.2\(3\)
cisco/nx-os
4.2\(4\)
cisco/nx-os
4.2\(6\)
cisco/nx-os
4.2\(8\)
cisco/nx-os
4.2.\(2a\)
cisco/nx-os
5.0\(2a\)
... and 24 more
Published
Jun 14, 2014
Tracked Since
Feb 18, 2026