Denial of Service Vulnerability in Cisco IOS XR on ASR 9000 Devices
CVE-2014-3335

Currently unrated

Key Information:

Vendor: Cisco
Status: Ios Xr; Asr 9000 Rsp440 Router; Asr 9001; Asr 9006
Vendor: CVE Published:; 26 August 2014

What is CVE-2014-3335?

Cisco IOS XR 4.3.2 and earlier versions on ASR 9000 routers have a vulnerability that fails to properly process NetFlow sampling for packets with multicast destination MAC addresses. This flaw can be exploited by remote attackers to create a denial of service situation, potentially causing the router’s chips and cards to hang. Such disruptions may lead to significant operational impacts, emphasizing the necessity for prompt updates and patches.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/95443

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/69383

vdb-entryx_refsource_BID

http://secunia.com/advisories/60222

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 26, 2014
Vulnerability Reserved
May 7, 2014