CVE-2014-3396

2014-10-0501:55:13

CWE-264

[email protected]

web.nvd.nist.gov

cisco

asr 9000

ios xr

vulnerability

security

bug id

cscup30133

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.7%

JSON

Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and address-range encoding, which allows remote attackers to bypass intended Typhoon line-card ACL restrictions via transit traffic, aka Bug ID CSCup30133.

Affected configurations

NVD

Node

ciscoios_xr

AND

ciscoasr_9000_rsp440_routerMatch-

ciscoasr_9001Match-

ciscoasr_9006Match-

ciscoasr_9010Match-

ciscoasr_9904Match-

ciscoasr_9912Match-

ciscoasr_9922Match-

CPENameOperatorVersion
cisco:ios_xrcisco ios xreq*
cisco:asr_9000_rsp440_routercisco asr 9000 rsp440 routereq-
cisco:asr_9001cisco asr 9001eq-
cisco:asr_9006cisco asr 9006eq-
cisco:asr_9010cisco asr 9010eq-
cisco:asr_9904cisco asr 9904eq-
cisco:asr_9912cisco asr 9912eq-
cisco:asr_9922cisco asr 9922eq-

CPE	Name	Operator	Version
cisco:ios_xr	cisco ios xr	eq	*
cisco:asr_9000_rsp440_router	cisco asr 9000 rsp440 router	eq	-
cisco:asr_9001	cisco asr 9001	eq	-
cisco:asr_9006	cisco asr 9006	eq	-
cisco:asr_9010	cisco asr 9010	eq	-
cisco:asr_9904	cisco asr 9904	eq	-
cisco:asr_9912	cisco asr 9912	eq	-
cisco:asr_9922	cisco asr 9922	eq	-