L2TP Module Vulnerability in Cisco IOS XE on ASR 1000 Routers
CVE-2014-2183

Currently unrated

Key Information:

Vendor: Cisco
Status: Ios Xe; Asr 1001; Asr 1002; Asr 1002-x
Vendor: CVE Published:; 29 April 2014

Summary

The L2TP module in Cisco IOS XE is susceptible to a Denial of Service attack due to a flaw that allows remote authenticated users to send a malformed L2TP packet. This can cause an unintentional ESP card reload on ASR 1000 series routers, disrupting network services.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 29, 2014
Vulnerability Reserved
Feb 25, 2014