Published: 24/07/2014 Updated: 12/01/2017

CVSS v2 Base Score: 6.1 | Impact Score: 6.9 | Exploitability Score: 6.5

VMScore: 543

Vector: AV:A/AC:L/Au:N/C:N/I:N/A:C

Cisco IOS XR 4.3(.2) and previous versions on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote malicious users to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios xr
cisco ios xr 4.3.0
cisco ios xr 4.3.1
cisco asr 9000 rsp440 router -
cisco asr 9001 -
cisco asr 9006 -
cisco asr 9010 -
cisco asr 9904 -
cisco asr 9912 -
cisco asr 9922 -

A vulnerability in NetFlow processing in Cisco IOS XR Software for ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause a lockup and eventual reload of a Network Processor (NP) chip and a line card processing traffic The vulnerability is due to improper NetFlow sampling of malformed IP version 4 ...

CWE-20 http://tools.cisco.com/security/center/viewAlert.x?alertId=35009 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3322 http://www.securityfocus.com/bid/68833 http://www.securitytracker.com/id/1030623 http://secunia.com/advisories/60311 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20140723-CVE-2014-3322

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-3322

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect