The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows remote attackers to bypass authentication and cause a denial of service (group-member state modification and traffic blackholing) via malformed HSRP packets, aka Bug ID CSCup11309.
References
Link | Resource |
---|---|
http://secunia.com/advisories/59158 | Permissions Required |
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3295 | Vendor Advisory |
http://tools.cisco.com/security/center/viewAlert.x?alertId=34585 | Vendor Advisory |
http://www.securityfocus.com/bid/67983 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1030409 | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: cisco
Published: 2014-06-14T01:00:00
Updated: 2014-06-18T18:57:01
Reserved: 2014-05-07T00:00:00
Link: CVE-2014-3295
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-06-14T04:26:47.173
Modified: 2016-09-08T12:03:41.343
Link: CVE-2014-3295
JSON object: View
Redhat Information
No data.
CWE