What is the severity of CVE-2014-3360?

CVE-2014-3360 is rated as high severity due to its potential to cause a denial of service.

How do I fix CVE-2014-3360?

To fix CVE-2014-3360, upgrade the affected Cisco IOS or IOS XE software to a version that is patched against this vulnerability.

Which Cisco versions are affected by CVE-2014-3360?

CVE-2014-3360 affects Cisco IOS versions 12.4 and 15.0 through 15.4 and various versions of IOS XE from 3.1.xS to 3.11.2s.

What is the impact of CVE-2014-3360?

The impact of CVE-2014-3360 is a potential remote denial of service which can cause affected devices to reload unexpectedly.

Can CVE-2014-3360 be exploited remotely?

Yes, CVE-2014-3360 can be exploited remotely through the sending of crafted SIP messages.

Vulnerability/
CVE-2014-3360

high

7.8

CWE

25/9/2014

6/8/2024

CVE-2014-3360: OS Command Injection

First published: Thu Sep 25 2014(Updated: )

Cisco IOS 12.4 and 15.0 through 15.4 and IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allow remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCul46586.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco IOS	=15.1
Cisco IOS	=15.2
Cisco IOS	=15.3
Cisco IOS	=15.4
Cisco IOS XE	=3.1.0s
Cisco IOS XE	=3.1.1s
Cisco IOS XE	=3.1.2s
Cisco IOS XE	=3.1.3s
Cisco IOS XE	=3.1.4s
Cisco IOS XE	=3.2.0s
Cisco IOS XE	=3.2.1s
Cisco IOS XE	=3.2.2s
Cisco IOS XE	=3.3.0s
Cisco IOS XE	=3.3.1s
Cisco IOS XE	=3.3.2s
Cisco IOS XE	=3.3.3s
Cisco IOS XE	=3.4.0s
Cisco IOS XE	=3.4.1s
Cisco IOS XE	=3.4.2s
Cisco IOS XE	=3.4.3s
Cisco IOS XE	=3.4.4s
Cisco IOS XE	=3.4.5s
Cisco IOS XE	=3.5.0s
Cisco IOS XE	=3.5.1s
Cisco IOS XE	=3.5.2s
Cisco IOS XE	=3.6s\(.0\)
Cisco IOS XE	=3.6s\(.1\)
Cisco IOS XE	=3.6s\(.2\)
Cisco IOS XE	=3.7\(0\)s
Cisco IOS XE	=3.7\(1\)as
Cisco IOS XE	=3.7\(2\)s
Cisco IOS XE	=3.7\(3\)s
Cisco IOS XE	=3.7\(4\)s
Cisco IOS XE	=3.7\(5\)s
Cisco IOS XE	=3.8.0s
Cisco IOS XE	=3.8s\(.0\)
Cisco IOS XE	=3.8s\(.1\)
Cisco IOS XE	=3.8s\(.2\)
Cisco IOS XE	=3.9s\(.0\)
Cisco IOS XE	=3.9s\(.1\)
Cisco IOS XE	=3.9s\(.2\)
Cisco IOS XE	=3.10
Cisco IOS XE	=3.10.0s
Cisco IOS XE	=3.11.0s
Cisco IOS XE	=3.11.1s
Cisco IOS XE	=3.11.2s

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-3360?
CVE-2014-3360 is rated as high severity due to its potential to cause a denial of service.
How do I fix CVE-2014-3360?
To fix CVE-2014-3360, upgrade the affected Cisco IOS or IOS XE software to a version that is patched against this vulnerability.
Which Cisco versions are affected by CVE-2014-3360?
CVE-2014-3360 affects Cisco IOS versions 12.4 and 15.0 through 15.4 and various versions of IOS XE from 3.1.xS to 3.11.2s.
What is the impact of CVE-2014-3360?
The impact of CVE-2014-3360 is a potential remote denial of service which can cause affected devices to reload unexpectedly.
Can CVE-2014-3360 be exploited remotely?
Yes, CVE-2014-3360 can be exploited remotely through the sending of crafted SIP messages.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/references
agent/author
agent/weakness
agent/tags
agent/description
agent/first-publish-date
agent/event
agent/source
vendor/cisco
canonical/cisco ios
version/cisco ios/15.1
version/cisco ios/15.2
version/cisco ios/15.3
version/cisco ios/15.4
canonical/cisco ios xe
version/cisco ios xe/3.1.0s
version/cisco ios xe/3.1.1s
version/cisco ios xe/3.1.2s
version/cisco ios xe/3.1.3s
version/cisco ios xe/3.1.4s
version/cisco ios xe/3.2.0s
version/cisco ios xe/3.2.1s
version/cisco ios xe/3.2.2s
version/cisco ios xe/3.3.0s
version/cisco ios xe/3.3.1s
version/cisco ios xe/3.3.2s
version/cisco ios xe/3.3.3s
version/cisco ios xe/3.4.0s
version/cisco ios xe/3.4.1s
version/cisco ios xe/3.4.2s
version/cisco ios xe/3.4.3s
version/cisco ios xe/3.4.4s
version/cisco ios xe/3.4.5s
version/cisco ios xe/3.5.0s
version/cisco ios xe/3.5.1s
version/cisco ios xe/3.5.2s
version/cisco ios xe/3.6s\(.0\)
version/cisco ios xe/3.6s\(.1\)
version/cisco ios xe/3.6s\(.2\)
version/cisco ios xe/3.7\(0\)s
version/cisco ios xe/3.7\(1\)as
version/cisco ios xe/3.7\(2\)s
version/cisco ios xe/3.7\(3\)s
version/cisco ios xe/3.7\(4\)s
version/cisco ios xe/3.7\(5\)s
version/cisco ios xe/3.8.0s
version/cisco ios xe/3.8s\(.0\)
version/cisco ios xe/3.8s\(.1\)
version/cisco ios xe/3.8s\(.2\)
version/cisco ios xe/3.9s\(.0\)
version/cisco ios xe/3.9s\(.1\)
version/cisco ios xe/3.9s\(.2\)
version/cisco ios xe/3.10
version/cisco ios xe/3.10.0s
version/cisco ios xe/3.11.0s
version/cisco ios xe/3.11.1s
version/cisco ios xe/3.11.2s

Frequently Asked Questions

What is the severity of CVE-2014-3360?
CVE-2014-3360 is rated as high severity due to its potential to cause a denial of service.
How do I fix CVE-2014-3360?
To fix CVE-2014-3360, upgrade the affected Cisco IOS or IOS XE software to a version that is patched against this vulnerability.
Which Cisco versions are affected by CVE-2014-3360?
CVE-2014-3360 affects Cisco IOS versions 12.4 and 15.0 through 15.4 and various versions of IOS XE from 3.1.xS to 3.11.2s.
What is the impact of CVE-2014-3360?
The impact of CVE-2014-3360 is a potential remote denial of service which can cause affected devices to reload unexpectedly.
Can CVE-2014-3360 be exploited remotely?
Yes, CVE-2014-3360 can be exploited remotely through the sending of crafted SIP messages.

CVE-2014-3360: OS Command Injection

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-3360?

How do I fix CVE-2014-3360?

Which Cisco versions are affected by CVE-2014-3360?

What is the impact of CVE-2014-3360?

Can CVE-2014-3360 be exploited remotely?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2014-3360?

How do I fix CVE-2014-3360?

Which Cisco versions are affected by CVE-2014-3360?

What is the impact of CVE-2014-3360?

Can CVE-2014-3360 be exploited remotely?