Cisco IOS XR DHCPv6 Multiple DoS Vulnerabilities

medium Nessus Plugin ID 76971

Synopsis

The remote device is missing vendor-supplied security patches.

Description

The remote Cisco device is running a version of Cisco IOS XR software that is affected by multiple denial of service vulnerabilities related to the incorrect handling of malformed DHCPv6 packets.

Solution

Apply the relevant patches referenced in Cisco bug IDs CSCul80924, CSCum85558, CSCum20949, CSCul61849, and CSCul71149.

See Also

http://www.nessus.org/u?8f36bfcf

http://www.nessus.org/u?637c559e

Plugin Details

Severity: Medium

ID: 76971

File Name: cisco-sn-CVE-2014-3270-iosxr.nasl

Version: 1.9

Type: combined

Family: CISCO

Published: 8/1/2014

Updated: 4/8/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 2.5

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2014-3270

Vulnerability Information

CPE: cpe:/o:cisco:ios_xr

Required KB Items: Host/Cisco/IOS-XR/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 5/19/2014

Vulnerability Publication Date: 5/19/2014

Reference Information

CVE: CVE-2014-3270, CVE-2014-3271

BID: 67488, 67492