The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allows remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCug75942.
2014-09-25T10:55:08.447
2025-04-12T10:46:40.837
Deferred
CVSSv2: 7.8 (HIGH)
AV:N/AC:L/Au:N/C:N/I:N/A:C
10.0
6.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | cisco | ios_xe | 3.3\(.0\)xo | Yes |
| Operating System | cisco | ios_xe | 3.6.0s | Yes |
| Operating System | cisco | ios_xe | 3.6.1s | Yes |
| Operating System | cisco | ios_xe | 3.6.2s | Yes |
| Operating System | cisco | ios_xe | 3.7\(0\)s | Yes |
| Operating System | cisco | ios_xe | 3.7\(1\)as | Yes |
| Operating System | cisco | ios_xe | 3.7\(2\)s | Yes |
| Operating System | cisco | ios_xe | 3.7\(3\)s | Yes |
| Operating System | cisco | ios_xe | 3.7\(4\)s | Yes |
| Operating System | cisco | ios_xe | 3.7\(5\)s | Yes |
| Operating System | cisco | ios_xe | 3.8\(0\)s | Yes |
| Operating System | cisco | ios_xe | 3.8\(1\)s | Yes |
| Operating System | cisco | ios_xe | 3.8\(2\)s | Yes |
| Operating System | cisco | ios_xe | 3.9\(0\)s | Yes |
| Operating System | cisco | ios_xe | 3.9\(1a\)s | Yes |
| Operating System | cisco | ios_xe | 3.9\(2\)s | Yes |
| Operating System | cisco | ios_xe | 3.10s | Yes |