Vulnerability Description
The Session Manager component in Packet Data Network Gateway (aka PGW) in Cisco ASR 5000 Series Software 11.0, 12.0, 12.1, 12.2, 14.0, 15.0, 16.x through 16.1.2, and 17.0 allows remote attackers to cause a denial of service (process crash) via a crafted TCP packet, aka Bug ID CSCuo21914.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Asr 5000 Series Software | 11.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/60706
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3331Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=35346Vendor Advisory
- http://www.securityfocus.com/bid/69281
- http://www.securitytracker.com/id/1030747
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95357
- http://secunia.com/advisories/60706
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3331Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=35346Vendor Advisory
- http://www.securityfocus.com/bid/69281
- http://www.securitytracker.com/id/1030747
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95357
FAQ
What is CVE-2014-3331?
CVE-2014-3331 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The Session Manager component in Packet Data Network Gateway (aka PGW) in Cisco ASR 5000 Series Software 11.0, 12.0, 12.1, 12.2, 14.0, 15.0, 16.x through 16.1.2, and 17.0 allows remote attackers to ca...
How severe is CVE-2014-3331?
CVE-2014-3331 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-3331?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Asr 5000 Series Software.