CVE-2014-3354 — Vulnetix

CVE-2014-3354 PUBLISHED CVSS 7.800000190734863 HIGH

Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, and 15.3 and IOS XE 2.x and 3.x before 3.7.4S; 3.2.xSE and 3.3.xSE before 3.3.2SE; 3.3.xSG and 3.4.xSG before 3.4.4SG; and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allow remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCui11547.

EPSS 2.48% · 85.6th percentile

Risk Scores

CVSS 2.0

7.800000190734863

EPSS Score

2.48%

85.6th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
cisco	ios_xe	2.1, 2.1.0, 2.1.1
cisco	ios	12.0, 12.2, 15.2

Exploit Intelligence

SERVER-OTHER Cisco IOS RSVP Path message with no session attribute denial of service attempt (vulnetix)
SERVER-OTHER Cisco IOS RSVP Path message with no session attribute denial of service attempt (vulnetix)
SERVER-OTHER Cisco IOS RSVP Path message with no session attribute denial of service attempt (community-snort)
SERVER-OTHER Cisco IOS RSVP Path message with no session attribute denial of service attempt (community-snort)
70183 (circl)
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp/cvrf/cisco-sa-20140924-rsvp_cvrf.xml (circl)
20140924 Cisco IOS Software RSVP Vulnerability (circl)
ciscoios-cve20143354-dos(96178) (circl)
1030893 (circl)
70131 (circl)

…and 9 more exploits

Timeline

CVE Published
Apr 19, 2012 PoC Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Sep 3, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 8, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 2, 2023 EPSS Score
Jul 16, 2023 EPSS Score

References

70131 vdb
70183 vdb
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp/cvrf/cisco-sa-20140924-rsvp_cvrf.xml url
20140924 Cisco IOS Software RSVP Vulnerability vendor-advisory
ciscoios-cve20143354-dos(96178) vdb
1030893 vdb
https://nvd.nist.gov/vuln/detail/CVE-2014-3354 advisory

Open in Interactive Console →