CVE-2014-3335

Severity Score

4.6

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote attackers to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750.

Cisco IOS XR 4.3(.2) y anteriores en los dispositivos ASR 9000 no realiza debidamente el muestreo NetFlow de paquetes con direcciones MAC de destinos multicast, lo que permite a atacantes remotos causar una denegación de servicio (cuelgues de chip y tarjeta) a través de un paquete manipulado, también conocido como Bug ID CSCup77750.

*Credits: N/A

CVSS Scores

NISTv2 4.6

Attack Vector

Adjacent

Attack Complexity

High

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2014-05-07 CVE Reserved
2014-08-26 CVE Published
2023-03-07 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation

CAPEC

References (6)

URL	Tag	Source
http://secunia.com/advisories/60222	Third Party Advisory
http://www.securityfocus.com/bid/69383	Vdb Entry
http://www.securitytracker.com/id/1030757	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/95443	Vdb Entry

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3335	2017-08-29
http://tools.cisco.com/security/center/viewAlert.x?alertId=35416	2017-08-29

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	<= 4.3.2 Search vendor "Cisco" for product "Ios Xr" and version " <= 4.3.2"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9000 Rsp440 Router Search vendor "Cisco" for product "Asr 9000 Rsp440 Router"	-	-	Affected
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	<= 4.3.2 Search vendor "Cisco" for product "Ios Xr" and version " <= 4.3.2"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9001 Search vendor "Cisco" for product "Asr 9001"	-	-	Affected
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	<= 4.3.2 Search vendor "Cisco" for product "Ios Xr" and version " <= 4.3.2"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9006 Search vendor "Cisco" for product "Asr 9006"	-	-	Affected
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	<= 4.3.2 Search vendor "Cisco" for product "Ios Xr" and version " <= 4.3.2"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9010 Search vendor "Cisco" for product "Asr 9010"	-	-	Affected
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	<= 4.3.2 Search vendor "Cisco" for product "Ios Xr" and version " <= 4.3.2"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9904 Search vendor "Cisco" for product "Asr 9904"	-	-	Affected
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	<= 4.3.2 Search vendor "Cisco" for product "Ios Xr" and version " <= 4.3.2"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9912 Search vendor "Cisco" for product "Asr 9912"	-	-	Affected
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	<= 4.3.2 Search vendor "Cisco" for product "Ios Xr" and version " <= 4.3.2"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9922 Search vendor "Cisco" for product "Asr 9922"	-	-	Affected
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	4.3.0 Search vendor "Cisco" for product "Ios Xr" and version "4.3.0"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9000 Rsp440 Router Search vendor "Cisco" for product "Asr 9000 Rsp440 Router"	-	-	Affected
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	4.3.0 Search vendor "Cisco" for product "Ios Xr" and version "4.3.0"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9001 Search vendor "Cisco" for product "Asr 9001"	-	-	Affected
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	4.3.0 Search vendor "Cisco" for product "Ios Xr" and version "4.3.0"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9006 Search vendor "Cisco" for product "Asr 9006"	-	-	Affected
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	4.3.0 Search vendor "Cisco" for product "Ios Xr" and version "4.3.0"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9010 Search vendor "Cisco" for product "Asr 9010"	-	-	Affected
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	4.3.0 Search vendor "Cisco" for product "Ios Xr" and version "4.3.0"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9904 Search vendor "Cisco" for product "Asr 9904"	-	-	Affected
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	4.3.0 Search vendor "Cisco" for product "Ios Xr" and version "4.3.0"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9912 Search vendor "Cisco" for product "Asr 9912"	-	-	Affected
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	4.3.0 Search vendor "Cisco" for product "Ios Xr" and version "4.3.0"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9922 Search vendor "Cisco" for product "Asr 9922"	-	-	Affected
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	4.3.1 Search vendor "Cisco" for product "Ios Xr" and version "4.3.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9000 Rsp440 Router Search vendor "Cisco" for product "Asr 9000 Rsp440 Router"	-	-	Affected
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	4.3.1 Search vendor "Cisco" for product "Ios Xr" and version "4.3.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9001 Search vendor "Cisco" for product "Asr 9001"	-	-	Affected
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	4.3.1 Search vendor "Cisco" for product "Ios Xr" and version "4.3.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9006 Search vendor "Cisco" for product "Asr 9006"	-	-	Affected
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	4.3.1 Search vendor "Cisco" for product "Ios Xr" and version "4.3.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9010 Search vendor "Cisco" for product "Asr 9010"	-	-	Affected
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	4.3.1 Search vendor "Cisco" for product "Ios Xr" and version "4.3.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9904 Search vendor "Cisco" for product "Asr 9904"	-	-	Affected
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	4.3.1 Search vendor "Cisco" for product "Ios Xr" and version "4.3.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9912 Search vendor "Cisco" for product "Asr 9912"	-	-	Affected
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	4.3.1 Search vendor "Cisco" for product "Ios Xr" and version "4.3.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9922 Search vendor "Cisco" for product "Asr 9922"	-	-	Affected