6.1

CVE-2014-3322

Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote attackers to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417.

Data is provided by the National Vulnerability Database (NVD)
CiscoIos Xr Version <= 4.3.2
CiscoIos Xr Version4.3.0
CiscoIos Xr Version4.3.1
CiscoAsr 9001 Version-
CiscoAsr 9006 Version-
CiscoAsr 9010 Version-
CiscoAsr 9904 Version-
CiscoAsr 9912 Version-
CiscoAsr 9922 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.67% 0.689
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.1 6.5 6.9
AV:A/AC:L/Au:N/C:N/I:N/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.securityfocus.com/bid/68833
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1030623
Third Party Advisory
VDB Entry