CVE-2014-3378

Cisco IOS XR <= 5.1 - Denial of Service via Malformed TACACS+ Packet

Title source: llm
STIX 2.1

Description

tacacsd in Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed TACACS+ packet, aka Bug ID CSCum00468.

References (7)

Core 7
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/59632
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/59649
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1030878
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/96067
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/69957

Scores

EPSS 0.0179
EPSS Percentile 75.8%

Details

CWE
CWE-20
Status published
Products (50)
cisco/ios_xr 2.0
cisco/ios_xr 3.0
cisco/ios_xr 3.0.1
cisco/ios_xr 3.1
cisco/ios_xr 3.1.0
cisco/ios_xr 3.2
cisco/ios_xr 3.2.1
cisco/ios_xr 3.2.2
cisco/ios_xr 3.2.4
cisco/ios_xr 3.2.50
... and 40 more
Published Sep 20, 2014
Tracked Since Feb 18, 2026