Vulnerability Description
Cisco IOS XR does not properly throttle ICMPv6 redirect packets, which allows remote attackers to cause a denial of service (IPv4 and IPv6 transit outage) via crafted redirect messages, aka Bug ID CSCum14266.
CVSS Score
6.1
MEDIUM
AV:A/AC:L/Au:N/C:N/I:N/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios Xr | All versions |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2144Vendor Advisory
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2144Vendor Advisory
FAQ
What is CVE-2014-2144?
CVE-2014-2144 is a vulnerability with a CVSS score of 6.1 (MEDIUM). Cisco IOS XR does not properly throttle ICMPv6 redirect packets, which allows remote attackers to cause a denial of service (IPv4 and IPv6 transit outage) via crafted redirect messages, aka Bug ID CSC...
How severe is CVE-2014-2144?
CVE-2014-2144 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-2144?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios Xr.