The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973.
References
Link | Resource |
---|---|
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2183 | Vendor Advisory |
http://tools.cisco.com/security/center/viewAlert.x?alertId=33971 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
05 Oct 2021, 14:51
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:cisco:asr_1002-x_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1002_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1004_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1001_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1013_router:-:*:*:*:*:*:*:* |
cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:* |
Information
Published : 2014-04-29 10:37
Updated : 2024-02-04 18:35
NVD link : CVE-2014-2183
Mitre link : CVE-2014-2183
CVE.ORG link : CVE-2014-2183
JSON object : View
Products Affected
cisco
- ios_xe
- asr_1006
- asr_1001
- asr_1013
- asr_1002-x
- asr_1002_fixed_router
- asr_1023_router
- asr_1004
- asr_1002
CWE
CWE-20
Improper Input Validation