Published: 16/05/2014 Updated: 07/09/2016

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.3(3)S and previous versions and IOS XE does not properly validate parameters in ITR control messages, which allows remote malicious users to cause a denial of service (CEF outage and packet drops) via malformed messages, aka Bug ID CSCun73782.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios 15.3m
cisco ios 15.3\\(3\\)m
cisco ios
cisco ios 15.3s
cisco ios xe -

A vulnerability in Locator/ID Separation Protocol (LISP) control message processing in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a vulnerable device to disable Cisco Express Forwarding and eventually drop traffic passing through The vulnerability is due to insufficient checking of certai ...

CWE-20 http://tools.cisco.com/security/center/viewAlert.x?alertId=34233 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3262 http://www.securitytracker.com/id/1030243 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20140514-CVE-2014-3262

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-3262

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect