Published: 24/07/2014 Updated: 12/01/2017

CVSS v2 Base Score: 6.1 | Impact Score: 6.9 | Exploitability Score: 6.5

VMScore: 543

Vector: AV:A/AC:L/Au:N/C:N/I:N/A:C

Cisco IOS XR 4.3(.2) and previous versions on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote malicious users to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios_xr 4.3.1
cisco ios_xr 4.3.0
cisco ios_xr
cisco asr_9912 -
cisco asr_9922 -
cisco asr_9006 -
cisco asr_9904 -
cisco asr_9000_rsp440_router -
cisco asr_9001 -
cisco asr_9010 -

A vulnerability in NetFlow processing in Cisco IOS XR Software for ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause a lockup and eventual reload of a Network Processor (NP) chip and a line card processing traffic The vulnerability is due to improper NetFlow sampling of malformed IP version 4 ...

CWE-20 http://tools.cisco.com/security/center/viewAlert.x?alertId=35009 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3322 http://www.securityfocus.com/bid/68833 http://www.securitytracker.com/id/1030623 http://secunia.com/advisories/60311 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20140723-CVE-2014-3322

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-3322

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect