CVE-2014-2107Improper Input Validation in Cisco IOS

CWE-20Improper Input Validation4 documents4 sources
Severity
7.1HIGHNVD
EPSS
0.4%
top 39.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedMar 27
Latest updateMay 17

Description

Cisco IOS 12.2 and 15.0 through 15.3, when used with the Kailash FPGA before 2.6 on RSP720-3C-10GE and RSP720-3CXL-10GE devices, allows remote attackers to cause a denial of service (route switch processor outage) via crafted IP packets, aka Bug ID CSCug84789.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages1 packages

NVDcisco/ios6 versions+5

🔴Vulnerability Details

2
GHSA
GHSA-w25r-g22w-g65r: Cisco IOS 122022-05-17
CVEList
CVE-2014-2107: Cisco IOS 122014-03-27

📋Vendor Advisories

1
Cisco
Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks Denial of Service Vulnerability2014-03-26
CVE-2014-2107 — Improper Input Validation in Cisco IOS | cvebase