Denial of Service Vulnerability in Cisco Intrusion Prevention System Software
CVE-2014-3406

Currently unrated

Key Information:

Vendor: Cisco
Status: Intrusion Prevention System
Vendor: CVE Published:; 19 October 2014

What is CVE-2014-3406?

A race condition exists in the IP logging feature of Cisco Intrusion Prevention System Software, which can be exploited by remote attackers. By sending crafted IP traffic that matches a specific flawed rule, an attacker may trigger a denial of service scenario that leads to automatic device reloads, causing interruptions in network security functionality. This vulnerability underscores the importance of regular software updates and proactive security measures.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 19, 2014
Vulnerability Reserved
May 7, 2014