CVE-2014-3356
Cisco IOS XE < 3.3.1XO, 3.7.6S, 3.10.1S DoS via Malformed RSVP Packets
Title source: llmDescription
The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allows remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCue22753.
References (5)
Core 5
Core References
Various Sources x_refsource_confirm
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-metadata/cvrf/cisco-sa-20140924-metadata_cvrf.xml
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/96176
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/70135
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-metadata
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1030894
Scores
EPSS
0.0320
EPSS Percentile
86.6%
Details
CWE
CWE-119
Status
published
Products (17)
cisco/ios_xe
3.3\(.0\)xo
cisco/ios_xe
3.6.0s
cisco/ios_xe
3.6.1s
cisco/ios_xe
3.6.2s
cisco/ios_xe
3.7\(0\)s
cisco/ios_xe
3.7\(1\)as
cisco/ios_xe
3.7\(2\)s
cisco/ios_xe
3.7\(3\)s
cisco/ios_xe
3.7\(4\)s
cisco/ios_xe
3.7\(5\)s
... and 7 more
Published
Sep 25, 2014
Tracked Since
Feb 18, 2026