Denial of Service Vulnerability in Cisco IOS XR on ASR 9000 Devices
CVE-2014-3308

Currently unrated

Key Information:

Vendor: Cisco
Status: Ios Xr; Asr 9000 Rsp440 Router; Asr 9001; Asr 9006
Vendor: CVE Published:; 7 July 2014

What is CVE-2014-3308?

Cisco IOS XR running on Trident line cards in ASR 9000 devices is susceptible to a denial of service condition due to the absence of a static punt policer. This vulnerability allows remote attackers to exploit the issue by sending specially crafted packets, resulting in significant CPU resource consumption and potential service disruption.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/68351

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1030525

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 7, 2014
Vulnerability Reserved
May 7, 2014