CVE-2014-3335

Description

Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote attackers to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750.

Risk Information

Base Score

7.5

MODERATE

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

Exploitation Probability

0.645

Associated Vulnerability

Vulnerability	OS Platform
Cisco IOS XR Software Packet Parsing Denial of Service Vulnerability For Cisco ASR 9000 Series Aggregation Services Routers	NCM
Improper Input Validation Vulnerability (CVE-2014-3335)	NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-1705564	Security Update for Cisco ASR 9000 Series Aggregation Services Routers 5.3.0.1i.BASE

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234