Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2014-3331

The Session Manager component in Packet Data Network Gateway (aka PGW) in Cisco ASR 5000 Series Software 11.0, 12.0, 12.1, 12.2, 14.0, 15.0, 16.x through 16.1.2, and 17.0 allows remote attackers to cause a denial of service (process crash) via a crafted TCP packet, aka Bug ID CSCuo21914.

Published

2014-08-20T11:17:14.250

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 4.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: PARTIAL
Exploitability Score

8.6

Impact Score

2.9

Weaknesses
  • Type: Primary
    CWE-20
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application cisco asr_5000_series_software 11.0 Yes
Application cisco asr_5000_series_software 12.0 Yes
Application cisco asr_5000_series_software 12.1 Yes
Application cisco asr_5000_series_software 12.2 Yes
Application cisco asr_5000_series_software 14.0 Yes
Application cisco asr_5000_series_software 15.0 Yes
Application cisco asr_5000_series_software 16.1.0 Yes
Application cisco asr_5000_series_software 16.1.1 Yes
Application cisco asr_5000_series_software 16.1.2 Yes
Application cisco asr_5000_series_software 17.0.0 Yes
References