CVE-2014-3361

Cisco IOS 15.0-15.4 - Denial of Service via SIP ALG Module

Title source: llm
STIX 2.1

Description

The ALG module in Cisco IOS 15.0 through 15.4 does not properly implement SIP over NAT, which allows remote attackers to cause a denial of service (device reload) via multipart SDP IPv4 traffic, aka Bug ID CSCun54071.

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1030896
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/70129
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/96181

Scores

EPSS 0.0237
EPSS Percentile 81.8%

Details

CWE
CWE-119
Status published
Products (5)
cisco/ios 15.0
cisco/ios 15.1
cisco/ios 15.2
cisco/ios 15.3
cisco/ios 15.4
Published Sep 25, 2014
Tracked Since Feb 18, 2026