CVE-2014-3284

2014-05-2522:55:02

CWE-20

[email protected]

web.nvd.nist.gov

cisco

ios xe

asr1000

pppoe

denial of service

vulnerability

cve-2014-3284

nvd

6.1 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

6.8 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.7%

JSON

Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed PPPoE packet, aka Bug ID CSCuo55180.

Affected configurations

NVD

Node

ciscoios_xeMatch-

AND

ciscoasr_1001Match-

ciscoasr_1002Match-

ciscoasr_1002-xMatch-

ciscoasr_1002_fixed_routerMatch-

ciscoasr_1004Match-

ciscoasr_1006Match-

ciscoasr_1013Match-

ciscoasr_1023_routerMatch-

CPENameOperatorVersion
cisco:ios_xecisco ios xeeq-
cisco:asr_1001cisco asr 1001eq-
cisco:asr_1002cisco asr 1002eq-
cisco:asr_1002-xcisco asr 1002-xeq-
cisco:asr_1002_fixed_routercisco asr 1002 fixed routereq-
cisco:asr_1004cisco asr 1004eq-
cisco:asr_1006cisco asr 1006eq-
cisco:asr_1013cisco asr 1013eq-
cisco:asr_1023_routercisco asr 1023 routereq-

CPE	Name	Operator	Version
cisco:ios_xe	cisco ios xe	eq	-
cisco:asr_1001	cisco asr 1001	eq	-
cisco:asr_1002	cisco asr 1002	eq	-
cisco:asr_1002-x	cisco asr 1002-x	eq	-
cisco:asr_1002_fixed_router	cisco asr 1002 fixed router	eq	-
cisco:asr_1004	cisco asr 1004	eq	-
cisco:asr_1006	cisco asr 1006	eq	-
cisco:asr_1013	cisco asr 1013	eq	-
cisco:asr_1023_router	cisco asr 1023 router	eq	-