What is the severity of CVE-2014-3353?

CVE-2014-3353 is categorized as a denial of service vulnerability which could lead to significant service disruptions.

How do I fix CVE-2014-3353?

To mitigate CVE-2014-3353, upgrade Cisco IOS XR to version 4.3.3 or later to address the vulnerability.

Who is affected by CVE-2014-3353?

CVE-2014-3353 affects all Cisco Carrier Routing Systems running IOS XR versions 4.3.2 and earlier.

What type of attacks can CVE-2014-3353 enable?

CVE-2014-3353 can be exploited by remote attackers to cause high CPU utilization and drop IPv6 packets.

Is there a workaround for CVE-2014-3353?

There are no official workarounds for CVE-2014-3353, so upgrading to a secure version is recommended.

Vulnerability/
CVE-2014-3353

high

7.1

CWE

399

4/9/2014

6/8/2024

CVE-2014-3353

First published: Thu Sep 04 2014(Updated: )

Cisco IOS XR 4.3(.2) and earlier, as used in Cisco Carrier Routing System (CRS), allows remote attackers to cause a denial of service (CPU consumption and IPv6 packet drops) via a malformed IPv6 packet, aka Bug ID CSCuo95165.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco IOS XRv 9000	<=4.3.2
Cisco IOS XRv 9000	=4.3.0
Cisco IOS XRv 9000	=4.3.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-3353?
CVE-2014-3353 is categorized as a denial of service vulnerability which could lead to significant service disruptions.
How do I fix CVE-2014-3353?
To mitigate CVE-2014-3353, upgrade Cisco IOS XR to version 4.3.3 or later to address the vulnerability.
Who is affected by CVE-2014-3353?
CVE-2014-3353 affects all Cisco Carrier Routing Systems running IOS XR versions 4.3.2 and earlier.
What type of attacks can CVE-2014-3353 enable?
CVE-2014-3353 can be exploited by remote attackers to cause high CPU utilization and drop IPv6 packets.
Is there a workaround for CVE-2014-3353?
There are no official workarounds for CVE-2014-3353, so upgrading to a secure version is recommended.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/author
agent/weakness
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco ios xrv 9000
version/cisco ios xrv 9000/4.3.2
version/cisco ios xrv 9000/4.3.0
version/cisco ios xrv 9000/4.3.1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2014-3353?
CVE-2014-3353 is categorized as a denial of service vulnerability which could lead to significant service disruptions.
How do I fix CVE-2014-3353?
To mitigate CVE-2014-3353, upgrade Cisco IOS XR to version 4.3.3 or later to address the vulnerability.
Who is affected by CVE-2014-3353?
CVE-2014-3353 affects all Cisco Carrier Routing Systems running IOS XR versions 4.3.2 and earlier.
What type of attacks can CVE-2014-3353 enable?
CVE-2014-3353 can be exploited by remote attackers to cause high CPU utilization and drop IPv6 packets.
Is there a workaround for CVE-2014-3353?
There are no official workarounds for CVE-2014-3353, so upgrading to a secure version is recommended.