Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-3262

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2014-3262
Last Modified 13 Jun 2014 12:55:46
Published 16 May 2014 07:12:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-3262

Summary

The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.3(3)S and earlier and IOS XE does not properly validate parameters in ITR control messages, which allows remote attackers to cause a denial of service (CEF outage and packet drops) via malformed messages, aka Bug ID CSCun73782.

Vulnerable Systems

Operating System

  • Cisco Ios 15.3%283%29m

  • Cisco Ios 15.3%283%29s

  • Cisco Ios 15.3m

  • Cisco Ios 15.3s

  • Cisco Ios Xe -


References

CONFIRM - http://tools.cisco.com/security/center/viewAlert.x?alertId=34233

CISCO - 20140514 Cisco IOS Software and IOS XE Software LISP Denial of Service Vulnerability

SECTRACK - 1030243


Last Updated: 27 May 2016 11:05:18