CVE-2014-3322

2014-07-2414:55:07

CWE-20

[email protected]

web.nvd.nist.gov

cisco

ios xr

cve-2014-3322

asr 9000

denial of service

netflow

remote attack

6.1 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

7 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.7%

JSON

Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote attackers to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417.

Affected configurations

NVD

Node

ciscoios_xrRange≤4.3.2

ciscoios_xrMatch4.3.0

ciscoios_xrMatch4.3.1

AND

ciscoasr_9000_rsp440_routerMatch-

ciscoasr_9001Match-

ciscoasr_9006Match-

ciscoasr_9010Match-

ciscoasr_9904Match-

ciscoasr_9912Match-

ciscoasr_9922Match-

CPENameOperatorVersion
cisco:ios_xrcisco ios xrle4.3.2
cisco:ios_xrcisco ios xreq4.3.0
cisco:ios_xrcisco ios xreq4.3.1
cisco:asr_9000_rsp440_routercisco asr 9000 rsp440 routereq-
cisco:asr_9001cisco asr 9001eq-
cisco:asr_9006cisco asr 9006eq-
cisco:asr_9010cisco asr 9010eq-
cisco:asr_9904cisco asr 9904eq-
cisco:asr_9912cisco asr 9912eq-
cisco:asr_9922cisco asr 9922eq-

CPE	Name	Operator	Version
cisco:ios_xr	cisco ios xr	le	4.3.2
cisco:ios_xr	cisco ios xr	eq	4.3.0
cisco:ios_xr	cisco ios xr	eq	4.3.1
cisco:asr_9000_rsp440_router	cisco asr 9000 rsp440 router	eq	-
cisco:asr_9001	cisco asr 9001	eq	-
cisco:asr_9006	cisco asr 9006	eq	-
cisco:asr_9010	cisco asr 9010	eq	-
cisco:asr_9904	cisco asr 9904	eq	-
cisco:asr_9912	cisco asr 9912	eq	-
cisco:asr_9922	cisco asr 9922	eq	-