CVE-2014-2183

Description

The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973.

Risk Information

Base Score

6.5

MODERATE

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Score

Exploitation Probability

0.296

Associated Vulnerability

Vulnerability	OS Platform
Cisco IOS XE Software Malformed L2TP Packet Vulnerability For Cisco IOS XE Software	NCM
Improper Input Validation Vulnerability (CVE-2014-2183)	NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-1706107	Security Update for Cisco IOS XE Software 5.2(1)SV5(1.3a)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234