Vulnerability Details CVE-2014-3331
The Session Manager component in Packet Data Network Gateway (aka PGW) in Cisco ASR 5000 Series Software 11.0, 12.0, 12.1, 12.2, 14.0, 15.0, 16.x through 16.1.2, and 17.0 allows remote attackers to cause a denial of service (process crash) via a crafted TCP packet, aka Bug ID CSCuo21914.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.8%
CVSS Severity
CVSS v2 Score 4.3
References
- http://secunia.com/advisories/60706
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3331
- http://tools.cisco.com/security/center/viewAlert.x?alertId=35346
- http://www.securityfocus.com/bid/69281
- http://www.securitytracker.com/id/1030747
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95357
- http://secunia.com/advisories/60706
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3331
- http://tools.cisco.com/security/center/viewAlert.x?alertId=35346
- http://www.securityfocus.com/bid/69281
- http://www.securitytracker.com/id/1030747
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95357
Products affected by CVE-2014-3331
-
cpe:2.3:a:cisco:asr_5000_series_software:11.0
-
cpe:2.3:a:cisco:asr_5000_series_software:12.0
-
cpe:2.3:a:cisco:asr_5000_series_software:12.1
-
cpe:2.3:a:cisco:asr_5000_series_software:12.2
-
cpe:2.3:a:cisco:asr_5000_series_software:14.0
-
cpe:2.3:a:cisco:asr_5000_series_software:15.0
-
cpe:2.3:a:cisco:asr_5000_series_software:16.1.0
-
cpe:2.3:a:cisco:asr_5000_series_software:16.1.1
-
cpe:2.3:a:cisco:asr_5000_series_software:16.1.2
-
cpe:2.3:a:cisco:asr_5000_series_software:17.0.0