What is the severity of CVE-2011-3295?

CVE-2011-3295 is classified as a denial of service vulnerability that can lead to significant CPU consumption.

How do I fix CVE-2011-3295?

To mitigate CVE-2011-3295, upgrade to a fixed version of Cisco IOS XR as specified in Cisco's security advisories.

Which Cisco products are affected by CVE-2011-3295?

CVE-2011-3295 affects various versions of Cisco IOS XR including versions from 3.8 through the 4.1 series.

Can CVE-2011-3295 be exploited remotely?

Yes, CVE-2011-3295 can be exploited remotely by attackers using crafted network traffic.

What are the symptoms of a CVE-2011-3295 attack?

The main symptom of an attack exploiting CVE-2011-3295 is increased CPU usage leading to potential service interruptions.

Vulnerability/
CVE-2011-3295

high

7.8

CWE

2/5/2012

6/8/2024

CVE-2011-3295: Input Validation

First published: Wed May 02 2012(Updated: )

The NETIO and IPV4_IO processes in Cisco IOS XR 3.8 through 4.1, as used in Cisco Carrier Routing System and other products, allow remote attackers to cause a denial of service (CPU consumption) via crafted network traffic, aka Bug ID CSCti59888.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco IOS XRv 9000	=4.0.4
Cisco IOS XRv 9000	=3.8.4
Cisco IOS XRv 9000	=3.9.0
Cisco IOS XRv 9000	=3.9.2
Cisco IOS XRv 9000	=3.9.1
Cisco IOS XRv 9000	=3.8.1
Cisco IOS XRv 9000	=3.8.2
Cisco IOS XRv 9000	=4.0.2
Cisco IOS XRv 9000	=4.1
Cisco IOS XRv 9000	=3.8.3
Cisco IOS XRv 9000	=4.0.1
Cisco IOS XRv 9000	=4.0.0
Cisco IOS XRv 9000	=4.0.3
Cisco IOS XRv 9000	=3.8.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-3295?
CVE-2011-3295 is classified as a denial of service vulnerability that can lead to significant CPU consumption.
How do I fix CVE-2011-3295?
To mitigate CVE-2011-3295, upgrade to a fixed version of Cisco IOS XR as specified in Cisco's security advisories.
Which Cisco products are affected by CVE-2011-3295?
CVE-2011-3295 affects various versions of Cisco IOS XR including versions from 3.8 through the 4.1 series.
Can CVE-2011-3295 be exploited remotely?
Yes, CVE-2011-3295 can be exploited remotely by attackers using crafted network traffic.
What are the symptoms of a CVE-2011-3295 attack?
The main symptom of an attack exploiting CVE-2011-3295 is increased CPU usage leading to potential service interruptions.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/severity
agent/references
agent/last-modified-date
agent/weakness
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/cisco
canonical/cisco ios xrv 9000
version/cisco ios xrv 9000/4.0.4
version/cisco ios xrv 9000/3.8.4
version/cisco ios xrv 9000/3.9.0
version/cisco ios xrv 9000/3.9.2
version/cisco ios xrv 9000/3.9.1
version/cisco ios xrv 9000/3.8.1
version/cisco ios xrv 9000/3.8.2
version/cisco ios xrv 9000/4.0.2
version/cisco ios xrv 9000/4.1
version/cisco ios xrv 9000/3.8.3
version/cisco ios xrv 9000/4.0.1
version/cisco ios xrv 9000/4.0.0
version/cisco ios xrv 9000/4.0.3
version/cisco ios xrv 9000/3.8.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.