CVE-2014-3356

Cisco IOS XE < 3.3.1XO, 3.7.6S, 3.10.1S DoS via Malformed RSVP Packets

Title source: llm
STIX 2.1

Description

The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allows remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCue22753.

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/96176
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/70135
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1030894

Scores

EPSS 0.0320
EPSS Percentile 86.6%

Details

CWE
CWE-119
Status published
Products (17)
cisco/ios_xe 3.3\(.0\)xo
cisco/ios_xe 3.6.0s
cisco/ios_xe 3.6.1s
cisco/ios_xe 3.6.2s
cisco/ios_xe 3.7\(0\)s
cisco/ios_xe 3.7\(1\)as
cisco/ios_xe 3.7\(2\)s
cisco/ios_xe 3.7\(3\)s
cisco/ios_xe 3.7\(4\)s
cisco/ios_xe 3.7\(5\)s
... and 7 more
Published Sep 25, 2014
Tracked Since Feb 18, 2026