Details of VAR-201408-0158

ID

VAR-201408-0158

CVE

CVE-2014-3335

TITLE

Cisco ASR 9000 Run on device Cisco IOS XR Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2014-003948

DESCRIPTION

Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote attackers to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750. Vendors have confirmed this vulnerability Bug ID CSCup77750 It is released as.Denial of service operation via a packet crafted by a third party ( Chip and card hang ) There is a possibility of being put into a state. Cisco IOS XR is a member of the Cisco IOS Software family that uses a microkernel-based operating system architecture. A denial of service vulnerability exists in Cisco IOS. Allowing an attacker to exploit this vulnerability causes the NP chip and line card on the affected device to lock and reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCup77750. The vulnerability comes from the fact that the program does not correctly perform NetFlow sampling of data packets (including the multicast destination MAC address)

Trust: 2.61

sources: NVD: CVE-2014-3335 // JVNDB: JVNDB-2014-003948 // CNVD: CNVD-2014-05220 // BID: 69383 // VULHUB: VHN-71275 // VULMON: CVE-2014-3335

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2014-05220

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xr	scope:	eq	version:	4.3.1	Trust: 2.2
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.3.0	Trust: 2.2
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.3.2	Trust: 1.2
vendor:	cisco	model:	asr 9000 rsp440 router	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	asr 9001	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	lte	version:	4.3.2	Trust: 1.0
vendor:	cisco	model:	asr 9010	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	asr 9912	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	asr 9922	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	asr 9006	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	asr 9904	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	asr 9000 series rsp440	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	asr 9001 router	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	asr 9006 router	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	asr 9010 router	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	asr 9904 router	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	asr 9912 router	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	asr 9922 router	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios xr	scope:	lte	version:	4.3(.2)	Trust: 0.8

sources: CNVD: CNVD-2014-05220 // JVNDB: JVNDB-2014-003948 // CNNVD: CNNVD-201408-409 // NVD: CVE-2014-3335

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-3335
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2014-3335
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2014-05220
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201408-409
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-71275
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2014-3335
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2014-3335
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:A/AC:H/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.2
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2014-05220
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:A/AC:H/AU:S/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	HIGH
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	2.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-71275
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:A/AC:H/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.2
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2014-05220 // VULHUB: VHN-71275 // VULMON: CVE-2014-3335 // JVNDB: JVNDB-2014-003948 // CNNVD: CNNVD-201408-409 // NVD: CVE-2014-3335

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-71275 // JVNDB: JVNDB-2014-003948 // NVD: CVE-2014-3335

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201408-409

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201408-409

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-003948

PATCH

title:	Cisco IOS XR Software Packet Parsing Denial of Service Vulnerability	url:	http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3335	Trust: 0.8
title:	35416	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=35416	Trust: 0.8
title:	Patch for Cisco IOS XR Software Packet Resolution Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/49362	Trust: 0.6
title:	Cisco: Cisco IOS XR Software Packet Parsing Denial of Service Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=Cisco-SA-20140825-CVE-2014-3335	Trust: 0.1

sources: CNVD: CNVD-2014-05220 // VULMON: CVE-2014-3335 // JVNDB: JVNDB-2014-003948

EXTERNAL IDS

db:	NVD	id:	CVE-2014-3335	Trust: 3.5
db:	BID	id:	69383	Trust: 2.1
db:	SECUNIA	id:	60222	Trust: 1.2
db:	SECTRACK	id:	1030757	Trust: 1.2
db:	JVNDB	id:	JVNDB-2014-003948	Trust: 0.8
db:	CNNVD	id:	CNNVD-201408-409	Trust: 0.7
db:	OSVDB	id:	110433	Trust: 0.6
db:	CNVD	id:	CNVD-2014-05220	Trust: 0.6
db:	VULHUB	id:	VHN-71275	Trust: 0.1
db:	VULMON	id:	CVE-2014-3335	Trust: 0.1

sources: CNVD: CNVD-2014-05220 // VULHUB: VHN-71275 // VULMON: CVE-2014-3335 // BID: 69383 // JVNDB: JVNDB-2014-003948 // CNNVD: CNNVD-201408-409 // NVD: CVE-2014-3335

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-3335	Trust: 2.4
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=35416	Trust: 1.8
url:	http://www.securityfocus.com/bid/69383	Trust: 1.3
url:	http://www.securitytracker.com/id/1030757	Trust: 1.2
url:	http://secunia.com/advisories/60222	Trust: 1.2
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/95443	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3335	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3335	Trust: 0.8
url:	http://osvdb.com/show/osvdb/110433	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3
url:	http://www.cisco.com/en/us/products/ps5845/index.html	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140825-cve-2014-3335	Trust: 0.1

sources: CNVD: CNVD-2014-05220 // VULHUB: VHN-71275 // VULMON: CVE-2014-3335 // BID: 69383 // JVNDB: JVNDB-2014-003948 // CNNVD: CNNVD-201408-409 // NVD: CVE-2014-3335

CREDITS

Cisco

Trust: 0.3

sources: BID: 69383

SOURCES

db:	CNVD	id:	CNVD-2014-05220
db:	VULHUB	id:	VHN-71275
db:	VULMON	id:	CVE-2014-3335
db:	BID	id:	69383
db:	JVNDB	id:	JVNDB-2014-003948
db:	CNNVD	id:	CNNVD-201408-409
db:	NVD	id:	CVE-2014-3335

LAST UPDATE DATE

2024-11-23T23:12:46.027000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2014-05220	date:	2014-08-27T00:00:00
db:	VULHUB	id:	VHN-71275	date:	2017-08-29T00:00:00
db:	VULMON	id:	CVE-2014-3335	date:	2017-08-29T00:00:00
db:	BID	id:	69383	date:	2014-08-27T00:05:00
db:	JVNDB	id:	JVNDB-2014-003948	date:	2014-08-27T00:00:00
db:	CNNVD	id:	CNNVD-201408-409	date:	2014-08-28T00:00:00
db:	NVD	id:	CVE-2014-3335	date:	2024-11-21T02:07:53.310

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2014-05220	date:	2014-08-27T00:00:00
db:	VULHUB	id:	VHN-71275	date:	2014-08-26T00:00:00
db:	VULMON	id:	CVE-2014-3335	date:	2014-08-26T00:00:00
db:	BID	id:	69383	date:	2014-08-25T00:00:00
db:	JVNDB	id:	JVNDB-2014-003948	date:	2014-08-27T00:00:00
db:	CNNVD	id:	CNNVD-201408-409	date:	2014-08-28T00:00:00
db:	NVD	id:	CVE-2014-3335	date:	2014-08-26T10:55:04.573