CVE-2014-3335

high

Description

Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote attackers to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/95443

http://www.securitytracker.com/id/1030757

http://www.securityfocus.com/bid/69383

http://tools.cisco.com/security/center/viewAlert.x?alertId=35416

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3335

http://secunia.com/advisories/60222

Details

Source: Mitre, NVD

Published: 2014-08-26

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:A/AC:H/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High