Vulnerability Database

322,573

Total vulnerabilities in the database

CVE-2014-3356

The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allows remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCue22753.

Published: Sep 25, 2014
Updated: Nov 9, 2025
CVE: CVE-2014-3356
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
cisco / ios_xe	3.6.2s	3.6.2s.x
cisco / ios_xe	3.9(2)s	3.9(2)s.x
cisco / ios_xe	3.7(0)s	3.7(0)s.x
cisco / ios_xe	3.7(2)s	3.7(2)s.x
cisco / ios_xe	3.9(0)s	3.9(0)s.x
cisco / ios_xe	3.6.1s	3.6.1s.x
cisco / ios_xe	3.6.0s	3.6.0s.x
cisco / ios_xe	3.7(4)s	3.7(4)s.x
cisco / ios_xe	3.7(5)s	3.7(5)s.x
cisco / ios_xe	3.8(1)s	3.8(1)s.x
cisco / ios_xe	3.8(2)s	3.8(2)s.x
cisco / ios_xe	3.7(1)as	3.7(1)as.x
cisco / ios_xe	3.7(3)s	3.7(3)s.x
cisco / ios_xe	3.10s	3.10s.x
cisco / ios_xe	3.8(0)s	3.8(0)s.x
cisco / ios_xe	3.9(1a)s	3.9(1a)s.x
cisco / ios_xe	3.3(.0)xo	3.3(.0)xo.x

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo