What is the severity of CVE-2014-2113?

CVE-2014-2113 has a CVSS v2 base score of 7.8, indicating it is a high severity vulnerability.

How do I fix CVE-2014-2113?

To fix CVE-2014-2113, upgrade to the Cisco IOS or IOS XE versions that contain the patch, specifically any version after 3.5.2E or 3.10.2S.

What types of attacks does CVE-2014-2113 enable?

CVE-2014-2113 can be exploited by remote attackers to cause a denial of service by sending malformed IPv6 packets.

Which software versions are affected by CVE-2014-2113?

CVE-2014-2113 affects Cisco IOS versions 15.1 to 15.3 and IOS XE versions up to 3.10.1s.

What is the impact of exploiting CVE-2014-2113?

Exploiting CVE-2014-2113 can lead to I/O memory consumption that causes the affected device to reload.

Vulnerability/
CVE-2014-2113

high

7.8

CWE

27/3/2014

6/8/2024

CVE-2014-2113: Input Validation

First published: Thu Mar 27 2014(Updated: )

Cisco IOS 15.1 through 15.3 and IOS XE 3.3 and 3.5 before 3.5.2E; 3.7 before 3.7.5S; and 3.8, 3.9, and 3.10 before 3.10.2S allow remote attackers to cause a denial of service (I/O memory consumption and device reload) via a malformed IPv6 packet, aka Bug ID CSCui59540.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco IOS	=15.1
Cisco IOS	=15.2
Cisco IOS	=15.3
Cisco IOS XE	=3.3.0s
Cisco IOS XE	=3.3.0sg
Cisco IOS XE	=3.3.1s
Cisco IOS XE	=3.3.1sg
Cisco IOS XE	=3.3.2s
Cisco IOS XE	=3.3.3s
Cisco IOS XE	=3.3s\(.0\)
Cisco IOS XE	=3.3s\(.1\)
Cisco IOS XE	=3.3s\(.2\)
Cisco IOS XE	=3.5.0s
Cisco IOS XE	=3.5.1s
Cisco IOS XE	=3.5.xs
Cisco IOS XE	=3.5s\(.0\)
Cisco IOS XE	=3.5s\(.1\)
Cisco IOS XE	=3.5s\(.2\)
Cisco IOS XE	=3.7.0s
Cisco IOS XE	=3.7.1s
Cisco IOS XE	=3.7.2s
Cisco IOS XE	=3.7s\(.0\)
Cisco IOS XE	=3.7s\(.1\)
Cisco IOS XE	=3.8.0s
Cisco IOS XE	=3.8s\(.0\)
Cisco IOS XE	=3.8s\(.1\)
Cisco IOS XE	=3.8s\(.2\)
Cisco IOS XE	=3.9.0s
Cisco IOS XE	=3.9.1s
Cisco IOS XE	=3.10
Cisco IOS XE	=3.10.0s
Cisco IOS XE	=3.10.1s
Cisco IOS XE	=3.10.1s1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-2113?
CVE-2014-2113 has a CVSS v2 base score of 7.8, indicating it is a high severity vulnerability.
How do I fix CVE-2014-2113?
To fix CVE-2014-2113, upgrade to the Cisco IOS or IOS XE versions that contain the patch, specifically any version after 3.5.2E or 3.10.2S.
What types of attacks does CVE-2014-2113 enable?
CVE-2014-2113 can be exploited by remote attackers to cause a denial of service by sending malformed IPv6 packets.
Which software versions are affected by CVE-2014-2113?
CVE-2014-2113 affects Cisco IOS versions 15.1 to 15.3 and IOS XE versions up to 3.10.1s.
What is the impact of exploiting CVE-2014-2113?
Exploiting CVE-2014-2113 can lead to I/O memory consumption that causes the affected device to reload.

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/author
agent/severity
agent/last-modified-date
agent/tags
agent/first-publish-date
agent/event
agent/description
agent/source
vendor/cisco
canonical/cisco ios
version/cisco ios/15.1
version/cisco ios/15.2
version/cisco ios/15.3
canonical/cisco ios xe
version/cisco ios xe/3.3.0s
version/cisco ios xe/3.3.0sg
version/cisco ios xe/3.3.1s
version/cisco ios xe/3.3.1sg
version/cisco ios xe/3.3.2s
version/cisco ios xe/3.3.3s
version/cisco ios xe/3.3s\(.0\)
version/cisco ios xe/3.3s\(.1\)
version/cisco ios xe/3.3s\(.2\)
version/cisco ios xe/3.5.0s
version/cisco ios xe/3.5.1s
version/cisco ios xe/3.5.xs
version/cisco ios xe/3.5s\(.0\)
version/cisco ios xe/3.5s\(.1\)
version/cisco ios xe/3.5s\(.2\)
version/cisco ios xe/3.7.0s
version/cisco ios xe/3.7.1s
version/cisco ios xe/3.7.2s
version/cisco ios xe/3.7s\(.0\)
version/cisco ios xe/3.7s\(.1\)
version/cisco ios xe/3.8.0s
version/cisco ios xe/3.8s\(.0\)
version/cisco ios xe/3.8s\(.1\)
version/cisco ios xe/3.8s\(.2\)
version/cisco ios xe/3.9.0s
version/cisco ios xe/3.9.1s
version/cisco ios xe/3.10
version/cisco ios xe/3.10.0s
version/cisco ios xe/3.10.1s
version/cisco ios xe/3.10.1s1

Frequently Asked Questions

What is the severity of CVE-2014-2113?
CVE-2014-2113 has a CVSS v2 base score of 7.8, indicating it is a high severity vulnerability.
How do I fix CVE-2014-2113?
To fix CVE-2014-2113, upgrade to the Cisco IOS or IOS XE versions that contain the patch, specifically any version after 3.5.2E or 3.10.2S.
What types of attacks does CVE-2014-2113 enable?
CVE-2014-2113 can be exploited by remote attackers to cause a denial of service by sending malformed IPv6 packets.
Which software versions are affected by CVE-2014-2113?
CVE-2014-2113 affects Cisco IOS versions 15.1 to 15.3 and IOS XE versions up to 3.10.1s.
What is the impact of exploiting CVE-2014-2113?
Exploiting CVE-2014-2113 can lead to I/O memory consumption that causes the affected device to reload.

CVE-2014-2113: Input Validation

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-2113?

How do I fix CVE-2014-2113?

What types of attacks does CVE-2014-2113 enable?

Which software versions are affected by CVE-2014-2113?

What is the impact of exploiting CVE-2014-2113?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2014-2113?

How do I fix CVE-2014-2113?

What types of attacks does CVE-2014-2113 enable?

Which software versions are affected by CVE-2014-2113?

What is the impact of exploiting CVE-2014-2113?