1. Home
  2. CVE Database
  3. CVE-2014-3361
HIGH · 7.1

CVE-2014-3361

The ALG module in Cisco IOS 15.0 through 15.4 does not properly implement SIP over NAT, which allows remote attackers to cause a denial of service (device reload) via multipart SDP IPv4 traffic, aka B...

Vulnerability Description

The ALG module in Cisco IOS 15.0 through 15.4 does not properly implement SIP over NAT, which allows remote attackers to cause a denial of service (device reload) via multipart SDP IPv4 traffic, aka Bug ID CSCun54071.

CVSS Score

7.1

HIGH

AV:N/AC:M/Au:N/C:N/I:N/A:C
Confidentiality
NONE
Integrity
NONE
Availability
COMPLETE

Affected Products

VendorProductVersions
CiscoIos15.0

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2014-3361?

CVE-2014-3361 is a vulnerability with a CVSS score of 7.1 (HIGH). The ALG module in Cisco IOS 15.0 through 15.4 does not properly implement SIP over NAT, which allows remote attackers to cause a denial of service (device reload) via multipart SDP IPv4 traffic, aka B...

How severe is CVE-2014-3361?

CVE-2014-3361 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-3361?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios.