Lucene search
HistorySep 25, 2014 - 10:55 a.m.
CVE-2014-3354
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
AI Score
9.2
Confidence
High
EPSS
0.021
Percentile
89.1%
Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, and 15.3 and IOS XE 2.x and 3.x before 3.7.4S; 3.2.xSE and 3.3.xSE before 3.3.2SE; 3.3.xSG and 3.4.xSG before 3.4.4SG; and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allow remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCui11547.
Affected configurations
Node
ciscoiosMatch12.0
ORciscoiosMatch12.2
ORciscoiosMatch12.4
ORciscoiosMatch15.0
ORciscoiosMatch15.1
ORciscoiosMatch15.2
ORciscoiosMatch15.3
ORciscoios_xeMatch2.1
ORciscoios_xeMatch2.1.0
ORciscoios_xeMatch2.1.1
ORciscoios_xeMatch2.1.2
ORciscoios_xeMatch2.2
ORciscoios_xeMatch2.2.1
ORciscoios_xeMatch2.2.2
ORciscoios_xeMatch2.2.3
ORciscoios_xeMatch2.3
ORciscoios_xeMatch2.3.0
ORciscoios_xeMatch2.3.1
ORciscoios_xeMatch2.3.1t
ORciscoios_xeMatch2.3.2
ORciscoios_xeMatch2.4
ORciscoios_xeMatch2.4.0
ORciscoios_xeMatch2.4.1
ORciscoios_xeMatch2.4.2
ORciscoios_xeMatch2.4.3
ORciscoios_xeMatch2.4.4
ORciscoios_xeMatch2.5\(.0\)
ORciscoios_xeMatch2.5.0
ORciscoios_xeMatch2.5.1
ORciscoios_xeMatch2.5.2
ORciscoios_xeMatch2.6\(.0\)
ORciscoios_xeMatch2.6\(.1\)
ORciscoios_xeMatch2.6\(.2\)
ORciscoios_xeMatch2.6.0
ORciscoios_xeMatch2.6.1
ORciscoios_xeMatch2.6.2
ORciscoios_xeMatch3.1.0s
ORciscoios_xeMatch3.1.0sg
ORciscoios_xeMatch3.1.1s
ORciscoios_xeMatch3.1.1sg
ORciscoios_xeMatch3.1.2s
ORciscoios_xeMatch3.1.3s
ORciscoios_xeMatch3.1.4s
ORciscoios_xeMatch3.1s\(.0\)
ORciscoios_xeMatch3.1s\(.1\)
ORciscoios_xeMatch3.1s\(.2\)
ORciscoios_xeMatch3.1s\(.3\)
ORciscoios_xeMatch3.2.00.xo.15.0\(2\)xo
ORciscoios_xeMatch3.2.0s
ORciscoios_xeMatch3.2.0sg
ORciscoios_xeMatch3.2.0xo
ORciscoios_xeMatch3.2.1s
ORciscoios_xeMatch3.2.1se
ORciscoios_xeMatch3.2.1sg
ORciscoios_xeMatch3.2.2s
ORciscoios_xeMatch3.2.2se
ORciscoios_xeMatch3.2.2sg
ORciscoios_xeMatch3.2.3se
ORciscoios_xeMatch3.2.3sg
ORciscoios_xeMatch3.2.4sg
ORciscoios_xeMatch3.2s\(.0\)
ORciscoios_xeMatch3.2s\(.1\)
ORciscoios_xeMatch3.2s\(.2\)
ORciscoios_xeMatch3.3.0s
ORciscoios_xeMatch3.3.0se
ORciscoios_xeMatch3.3.0sg
ORciscoios_xeMatch3.3.1s
ORciscoios_xeMatch3.3.1se
ORciscoios_xeMatch3.3.1sg
ORciscoios_xeMatch3.3.2s
ORciscoios_xeMatch3.3.3s
ORciscoios_xeMatch3.3s\(.0\)
ORciscoios_xeMatch3.3s\(.1\)
ORciscoios_xeMatch3.3s\(.2\)
ORciscoios_xeMatch3.4.0as
ORciscoios_xeMatch3.4.0s
ORciscoios_xeMatch3.4.0sg
ORciscoios_xeMatch3.4.1s
ORciscoios_xeMatch3.4.1sg
ORciscoios_xeMatch3.4.2s
ORciscoios_xeMatch3.4.2sg
ORciscoios_xeMatch3.4.3s
ORciscoios_xeMatch3.4.3sg
ORciscoios_xeMatch3.4.4s
ORciscoios_xeMatch3.4.5s
ORciscoios_xeMatch3.4.xs
ORciscoios_xeMatch3.4s\(.0\)
ORciscoios_xeMatch3.4s\(.1\)
ORciscoios_xeMatch3.4s\(.2\)
ORciscoios_xeMatch3.4s\(.3\)
ORciscoios_xeMatch3.4s\(.4\)
ORciscoios_xeMatch3.4s\(.5\)
ORciscoios_xeMatch3.4s\(.6\)
ORciscoios_xeMatch3.5.0e
ORciscoios_xeMatch3.5.0s
ORciscoios_xeMatch3.5.1e
ORciscoios_xeMatch3.5.1s
ORciscoios_xeMatch3.5.2e
ORciscoios_xeMatch3.5.2s
ORciscoios_xeMatch3.5.xs
ORciscoios_xeMatch3.5e
ORciscoios_xeMatch3.5s\(.0\)
ORciscoios_xeMatch3.5s\(.1\)
ORciscoios_xeMatch3.5s\(.2\)
ORciscoios_xeMatch3.6.0s
ORciscoios_xeMatch3.6.1s
ORciscoios_xeMatch3.6.2s
ORciscoios_xeMatch3.6s\(.0\)
ORciscoios_xeMatch3.6s\(.1\)
ORciscoios_xeMatch3.6s\(.2\)
ORciscoios_xeMatch3.7.0s
ORciscoios_xeMatch3.7.1s
ORciscoios_xeMatch3.7.2s
ORciscoios_xeMatch3.7s\(.0\)
ORciscoios_xeMatch3.7s\(.1\)
ORciscoios_xeMatch3.7s\(.2\)
ORciscoios_xeMatch3.7s\(.3\)
ORciscoios_xeMatch3.8.0s
ORciscoios_xeMatch3.8s\(.0\)
ORciscoios_xeMatch3.8s\(.1\)
ORciscoios_xeMatch3.8s\(.2\)
ORciscoios_xeMatch3.9s\(.0\)
ORciscoios_xeMatch3.9s\(.1\)
ORciscoios_xeMatch3.9s\(.2\)
ORciscoios_xeMatch3.10
ORciscoios_xeMatch3.10.0s
ORciscoios_xeMatch3.10.1s
ORciscoios_xeMatch3.10.1s1
ORciscoios_xeMatch3.10.2s
ORciscoios_xeMatch3.10s\(.0\)
ORciscoios_xeMatch3.12s
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | ios | 12.0 | cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:* |
| cisco | ios | 12.2 | cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:* |
| cisco | ios | 12.4 | cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:* |
| cisco | ios | 15.0 | cpe:2.3:o:cisco:ios:15.0:*:*:*:*:*:*:* |
| cisco | ios | 15.1 | cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:* |
| cisco | ios | 15.2 | cpe:2.3:o:cisco:ios:15.2:*:*:*:*:*:*:* |
| cisco | ios | 15.3 | cpe:2.3:o:cisco:ios:15.3:*:*:*:*:*:*:* |
| cisco | ios_xe | 2.1 | cpe:2.3:o:cisco:ios_xe:2.1:*:*:*:*:*:*:* |
| cisco | ios_xe | 2.1.0 | cpe:2.3:o:cisco:ios_xe:2.1.0:*:*:*:*:*:*:* |
| cisco | ios_xe | 2.1.1 | cpe:2.3:o:cisco:ios_xe:2.1.1:*:*:*:*:*:*:* |
References
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp/cvrf/cisco-sa-20140924-rsvp_cvrf.xml
www.securityfocus.com/bid/70131
www.securityfocus.com/bid/70183
www.securitytracker.com/id/1030893
exchange.xforce.ibmcloud.com/vulnerabilities/96178
Related
cisco
cisco
Cisco IOS Software RSVP Vulnerability
2014-09-24 16:00:00
nessus
nessus
Rockwell Automation Stratix Cisco IOS Software RSVP Denial of Service (CVE-2014-3354)
2023-11-15 00:00:00
Cisco IOS XE Software RSVP DoS (cisco-sa-20140924-rsvp)
2014-10-02 00:00:00
Cisco IOS Software RSVP DoS (cisco-sa-20140924-rsvp)
2014-10-02 00:00:00
cve
cve
CVE-2014-3354
2014-09-25 10:55:08
cvelist
cvelist
CVE-2014-3354
2014-09-25 10:00:00
prion
prion
Design/Logic Flaw
2014-09-25 10:55:00
openvas
openvas
Cisco IOS Software RSVP Vulnerability
2016-05-10 00:00:00
securityvulns
securityvulns
Cisco IOS multiple security vulnerabilities
2014-09-29 00:00:00
ics
ics
Rockwell Automation Stratix 5900
2017-05-10 12:00:00
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
AI Score
9.2
Confidence
High
EPSS
0.021
Percentile
89.1%
Related for NVD:CVE-2014-3354