Denial of Service Vulnerability in Cisco IOS XR on ASR 9000 Devices
CVE-2014-2176

Currently unrated

Key Information:

Vendor: Cisco
Status: Ios Xr; Asr 9001; Asr 9006; Asr 9010
Vendor: CVE Published:; 14 June 2014

What is CVE-2014-2176?

Cisco IOS XR versions 4.1.2 through 5.1.1, utilized in ASR 9000 devices with Trident-based line cards, are susceptible to a denial of service attack. Remote attackers can exploit this vulnerability by sending malformed IPv6 packets, resulting in the NP chip and line card reloading an overwhelming resource drain on the device.

References

http://secunia.com/advisories/58722

third-party-advisoryx_refsource_SECUNIA

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/68005

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 14, 2014
Vulnerability Reserved
Feb 25, 2014