What is the severity of CVE-2014-3327?

CVE-2014-3327 is rated as high severity due to its potential to cause denial of service through a device reload.

How do I fix CVE-2014-3327?

To mitigate CVE-2014-3327, you should upgrade to Cisco IOS versions 3.5.3E or later.

What systems are affected by CVE-2014-3327?

CVE-2014-3327 affects various Cisco IOS and IOS XE versions including 12.2, 15.0 through 15.4, and multiple 3.x revisions of IOS XE.

How does CVE-2014-3327 operate?

CVE-2014-3327 allows remote attackers to exploit the EnergyWise module by sending crafted IPv4 packets that cause device reloads.

Is there a workaround for CVE-2014-3327?

Currently, there is no documented workaround for CVE-2014-3327, therefore upgrading software is the recommended action.

Vulnerability/
CVE-2014-3327

high

7.8

CWE

11/8/2014

6/8/2024

CVE-2014-3327: Input Validation

First published: Mon Aug 11 2014(Updated: )

The EnergyWise module in Cisco IOS 12.2, 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.2.xXO, 3.3.xSG, 3.4.xSG, and 3.5.xE before 3.5.3E allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCup52101.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco IOS	=12.2
Cisco IOS	=15.0
Cisco IOS	=15.1
Cisco IOS	=15.2
Cisco IOS	=15.4
Cisco IOS XE Software	=3.2.00.xo.15.0\(2\)xo
Cisco IOS XE Software	=3.2.0xo
Cisco IOS XE Software	=3.3.0sg
Cisco IOS XE Software	=3.3.1sg
Cisco IOS XE Software	=3.4.0sg
Cisco IOS XE Software	=3.4.1sg
Cisco IOS XE Software	=3.4.2sg
Cisco IOS XE Software	=3.4.3sg
Cisco IOS XE Software	=3.4.4sg
Cisco IOS XE Software	=3.5.0e
Cisco IOS XE Software	=3.5.1e
Cisco IOS XE Software	=3.5.2e

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-3327?
CVE-2014-3327 is rated as high severity due to its potential to cause denial of service through a device reload.
How do I fix CVE-2014-3327?
To mitigate CVE-2014-3327, you should upgrade to Cisco IOS versions 3.5.3E or later.
What systems are affected by CVE-2014-3327?
CVE-2014-3327 affects various Cisco IOS and IOS XE versions including 12.2, 15.0 through 15.4, and multiple 3.x revisions of IOS XE.
How does CVE-2014-3327 operate?
CVE-2014-3327 allows remote attackers to exploit the EnergyWise module by sending crafted IPv4 packets that cause device reloads.
Is there a workaround for CVE-2014-3327?
Currently, there is no documented workaround for CVE-2014-3327, therefore upgrading software is the recommended action.

agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/references
agent/author
agent/weakness
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco ios
version/cisco ios/12.2
version/cisco ios/15.0
version/cisco ios/15.1
version/cisco ios/15.2
version/cisco ios/15.4
canonical/cisco ios xe
version/cisco ios xe/3.2.00.xo.15.0\(2\)xo
version/cisco ios xe/3.2.0xo
version/cisco ios xe/3.3.0sg
version/cisco ios xe/3.3.1sg
version/cisco ios xe/3.4.0sg
version/cisco ios xe/3.4.1sg
version/cisco ios xe/3.4.2sg
version/cisco ios xe/3.4.3sg
version/cisco ios xe/3.4.4sg
version/cisco ios xe/3.5.0e
version/cisco ios xe/3.5.1e
version/cisco ios xe/3.5.2e

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.