CVE-2014-3355

Cisco IOS XE < 3.3.1XO, 3.7.6S, 3.10.1S DoS via Malformed RSVP Packets

Title source: llm
STIX 2.1

Description

The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allows remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCug75942.

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/70130
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/96175
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1030894

Scores

EPSS 0.0278
EPSS Percentile 84.7%

Details

CWE
CWE-119
Status published
Products (17)
cisco/ios_xe 3.3\(.0\)xo
cisco/ios_xe 3.6.0s
cisco/ios_xe 3.6.1s
cisco/ios_xe 3.6.2s
cisco/ios_xe 3.7\(0\)s
cisco/ios_xe 3.7\(1\)as
cisco/ios_xe 3.7\(2\)s
cisco/ios_xe 3.7\(3\)s
cisco/ios_xe 3.7\(4\)s
cisco/ios_xe 3.7\(5\)s
... and 7 more
Published Sep 25, 2014
Tracked Since Feb 18, 2026