CVE-2014-2176 — Cisco IOS XR vulnerability

CWE-3995 documents5 sources

Severity

7.1HIGHNVD

EPSS

0.8%

top 25.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco IOS XR

Timeline

PublishedJun 14

Latest updateMay 17

Description

Cisco IOS XR 4.1.2 through 5.1.1 on ASR 9000 devices, when a Trident-based line card is used, allows remote attackers to cause a denial of service (NP chip and line card reload) via malformed IPv6 packets, aka Bug ID CSCun71928.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages1 packages

▶NVDcisco/ios_xr5 versions+4

🔴Vulnerability Details

GHSA

GHSA-3gmq-p7p4-9w39: Cisco IOS XR 4↗2022-05-17

▶

CVEList

CVE-2014-2176: Cisco IOS XR 4↗2014-06-14

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Internet Explorer 11 - OLE Automation Array Remote Code Execution (1)↗2014-11-13

▶

📋Vendor Advisories

Cisco

Cisco IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability↗2014-06-11

▶