Published: 29/04/2014 Updated: 05/10/2021

CVSS v2 Base Score: 6.3 | Impact Score: 6.9 | Exploitability Score: 6.8

VMScore: 561

Vector: AV:N/AC:M/Au:S/C:N/I:N/A:C

The L2TP module in Cisco IOS XE 3.10S(.2) and previous versions on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios_xe 3.10.0s
cisco ios_xe 3.10
cisco ios_xe 3.10.1s1
cisco ios_xe
cisco ios_xe 3.10.1s
cisco asr_1001 -
cisco asr_1002_fixed_router -
cisco asr_1004 -
cisco asr_1006 -
cisco asr_1013 -
cisco asr_1023_router -
cisco asr_1002-x -
cisco asr_1002 -

A vulnerability in the Layer 2 Tunneling Protocol (L2TP) module of Cisco IOS XE on Cisco ASR 1000 Series Routers could allow an authenticated, remote attacker to cause a reload of the processing ESP card The vulnerability occurs during the processing of a malformed L2TP packet An attacker could exploit this vulnerability by sending malformed L2T ...

CWE-20 http://tools.cisco.com/security/center/viewAlert.x?alertId=33971 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2183 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20140428-CVE-2014-2183

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-2183

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect