CVE-2014-2108

Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.2 through 3.7 before 3.7.5S and 3.8 through 3.10 before 3.10.1S allow remote attackers to cause a denial of service (device reload) via a malformed IKEv2 packet, aka Bug ID CSCui88426.

Published: Mar 27, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-2108
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
cisco / ios	15.1	15.1.x
cisco / ios	15.0	15.0.x
cisco / ios	15.3	15.3.x
cisco / ios	15.0(1)se	15.0(1)se.x
cisco / ios	12.2	12.2.x
cisco / ios	15.2	15.2.x
cisco / ios_xe	3.2.0sg	3.2.0sg.x
cisco / ios_xe	3.10	3.10.x
cisco / ios_xe	3.6.2s	3.6.2s.x
cisco / ios_xe	3.5.0s	3.5.0s.x
cisco / ios_xe	3.4s(.4)	3.4s(.4).x
cisco / ios_xe	3.4.1s	3.4.1s.x
cisco / ios_xe	3.3.3s	3.3.3s.x
cisco / ios_xe	3.3.1s	3.3.1s.x
cisco / ios_xe	3.2.0s	3.2.0s.x
cisco / ios_xe	3.8.0s	3.8.0s.x
cisco / ios_xe	3.7.1s	3.7.1s.x
cisco / ios_xe	3.3.2s	3.3.2s.x
cisco / ios_xe	3.3s(.0)	3.3s(.0).x
cisco / ios_xe	3.9.0s	3.9.0s.x
cisco / ios_xe	3.2.0xo	3.2.0xo.x
cisco / ios_xe	3.3.1sg	3.3.1sg.x
cisco / ios_xe	3.3s(.1)	3.3s(.1).x
cisco / ios_xe	3.5.2s	3.5.2s.x
cisco / ios_xe	3.5s(.2)	3.5s(.2).x
cisco / ios_xe	3.6.1s	3.6.1s.x
cisco / ios_xe	3.6.0s	3.6.0s.x
cisco / ios_xe	3.3s(.2)	3.3s(.2).x
cisco / ios_xe	3.4.0as	3.4.0as.x
cisco / ios_xe	3.4s(.3)	3.4s(.3).x
cisco / ios_xe	3.7s(.1)	3.7s(.1).x
cisco / ios_xe	3.7s(.0)	3.7s(.0).x
cisco / ios_xe	3.2.3sg	3.2.3sg.x
cisco / ios_xe	3.6s(.2)	3.6s(.2).x
cisco / ios_xe	3.4.3s	3.4.3s.x
cisco / ios_xe	3.4s(.0)	3.4s(.0).x
cisco / ios_xe	3.5.xs	3.5.xs.x
cisco / ios_xe	3.2.1sg	3.2.1sg.x
cisco / ios_xe	3.9.1s	3.9.1s.x
cisco / ios_xe	3.2.1s	3.2.1s.x
cisco / ios_xe	3.4s(.2)	3.4s(.2).x
cisco / ios_xe	3.4.0s	3.4.0s.x
cisco / ios_xe	3.4.4s	3.4.4s.x
cisco / ios_xe	3.5s(.0)	3.5s(.0).x
cisco / ios_xe	3.2.2s	3.2.2s.x
cisco / ios_xe	3.7.0s	3.7.0s.x
cisco / ios_xe	3.2s(.2)	3.2s(.2).x
cisco / ios_xe	3.4.2s	3.4.2s.x
cisco / ios_xe	3.4.xs	3.4.xs.x
cisco / ios_xe	3.2s(.1)	3.2s(.1).x
cisco / ios_xe	3.3.0s	3.3.0s.x
cisco / ios_xe	3.2.4sg	3.2.4sg.x
cisco / ios_xe	3.8s(.1)	3.8s(.1).x
cisco / ios_xe	3.4s(.1)	3.4s(.1).x
cisco / ios_xe	3.6s(.1)	3.6s(.1).x
cisco / ios_xe	3.5s(.1)	3.5s(.1).x
cisco / ios_xe	3.2s(.0)	3.2s(.0).x
cisco / ios_xe	3.7.2s	3.7.2s.x
cisco / ios_xe	3.4s(.5)	3.4s(.5).x
cisco / ios_xe	3.4s(.6)	3.4s(.6).x
cisco / ios_xe	3.4.5s	3.4.5s.x
cisco / ios_xe	3.5.1s	3.5.1s.x
cisco / ios_xe	3.6s(.0)	3.6s(.0).x
cisco / ios_xe	3.2.2sg	3.2.2sg.x
cisco / ios_xe	3.8s(.0)	3.8s(.0).x
cisco / ios_xe	3.3.0sg	3.3.0sg.x
cisco / ios_xe	3.8s(.2)	3.8s(.2).x

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-ikev2

Vulnerability Database

289,599

CVE-2014-2108