CVE-2014-3379Improper Input Validation in Cisco IOS XR

CWE-20Improper Input Validation4 documents4 sources
Severity
6.1MEDIUMNVD
EPSS
0.8%
top 25.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS XR
Timeline
PublishedSep 20
Latest updateMay 17

Description

Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (NPU and card hang or reload) via a malformed MPLS packet, aka Bug ID CSCuq10466.

CVSS vector

AV:A/AC:L/C:N/I:N/A:CExploitability: 6.5 | Impact: 6.9

Affected Packages1 packages

NVDcisco/ios_xr55 versions+54

🔴Vulnerability Details

2
GHSA
GHSA-qw4q-mjmj-xfqp: Cisco IOS XR 52022-05-17
CVEList
CVE-2014-3379: Cisco IOS XR 52014-09-20

📋Vendor Advisories

1
Cisco
Cisco IOS XR Software Malformed MPLS Packet Denial of Service Vulnerability2014-09-19
CVE-2014-3379 — Improper Input Validation in Cisco | cvebase