CVE-2014-3359

2014-09-2510:55:00

CWE-399

[email protected]

web.nvd.nist.gov

cisco

ios

memory leak

cve-2014-3359

denial of service

dhcpv6

vulnerability

9.1 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.013 Low

EPSS

Percentile

85.6%

JSON

Memory leak in Cisco IOS 15.1 through 15.4 and IOS XE 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed DHCPv6 packets, aka Bug ID CSCum90081.

CPENameOperatorVersion
cisco:ios_xecisco ios xeeq3.10
cisco:ios_xecisco ios xeeq3.5.0s
cisco:ios_xecisco ios xeeq3.4.1s
cisco:ioscisco ioseq15.1
cisco:ioscisco ioseq15.4
cisco:ios_xecisco ios xeeq3.7\(0\)s
cisco:ios_xecisco ios xeeq3.8.0s
cisco:ios_xecisco ios xeeq3.7\(2\)s
cisco:ios_xecisco ios xeeq3.5.2s
cisco:ios_xecisco ios xeeq3.9s\(.0\)

CPE	Name	Operator	Version
cisco:ios_xe	cisco ios xe	eq	3.10
cisco:ios_xe	cisco ios xe	eq	3.5.0s
cisco:ios_xe	cisco ios xe	eq	3.4.1s
cisco:ios	cisco ios	eq	15.1
cisco:ios	cisco ios	eq	15.4
cisco:ios_xe	cisco ios xe	eq	3.7\(0\)s
cisco:ios_xe	cisco ios xe	eq	3.8.0s
cisco:ios_xe	cisco ios xe	eq	3.7\(2\)s
cisco:ios_xe	cisco ios xe	eq	3.5.2s
cisco:ios_xe	cisco ios xe	eq	3.9s\(.0\)