CVE-2014-3360

Cisco IOS 12.4 and 15.0 through 15.4 and IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allow remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCul46586.

Published: Sep 25, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-3360
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-78

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
cisco / ios_xe	3.10	3.10.x
cisco / ios_xe	3.5.0s	3.5.0s.x
cisco / ios_xe	3.4.1s	3.4.1s.x
cisco / ios	15.1	15.1.x
cisco / ios	15.4	15.4.x
cisco / ios_xe	3.3.3s	3.3.3s.x
cisco / ios_xe	3.3.1s	3.3.1s.x
cisco / ios_xe	3.2.0s	3.2.0s.x
cisco / ios_xe	3.7(0)s	3.7(0)s.x
cisco / ios_xe	3.8.0s	3.8.0s.x
cisco / ios_xe	3.3.2s	3.3.2s.x
cisco / ios_xe	3.7(2)s	3.7(2)s.x
cisco / ios_xe	3.5.2s	3.5.2s.x
cisco / ios_xe	3.9s(.0)	3.9s(.0).x
cisco / ios_xe	3.7(4)s	3.7(4)s.x
cisco / ios_xe	3.11.2s	3.11.2s.x
cisco / ios	15.3	15.3.x
cisco / ios_xe	3.7(5)s	3.7(5)s.x
cisco / ios_xe	3.6s(.2)	3.6s(.2).x
cisco / ios_xe	3.4.3s	3.4.3s.x
cisco / ios_xe	3.11.0s	3.11.0s.x
cisco / ios_xe	3.2.1s	3.2.1s.x
cisco / ios_xe	3.9s(.2)	3.9s(.2).x
cisco / ios_xe	3.1.2s	3.1.2s.x
cisco / ios_xe	3.4.0s	3.4.0s.x
cisco / ios_xe	3.4.4s	3.4.4s.x
cisco / ios_xe	3.1.1s	3.1.1s.x
cisco / ios_xe	3.2.2s	3.2.2s.x
cisco / ios_xe	3.7(1)as	3.7(1)as.x
cisco / ios_xe	3.10.0s	3.10.0s.x
cisco / ios_xe	3.4.2s	3.4.2s.x
cisco / ios_xe	3.7(3)s	3.7(3)s.x
cisco / ios_xe	3.1.0s	3.1.0s.x
cisco / ios_xe	3.1.4s	3.1.4s.x
cisco / ios_xe	3.3.0s	3.3.0s.x
cisco / ios_xe	3.9s(.1)	3.9s(.1).x
cisco / ios_xe	3.8s(.1)	3.8s(.1).x
cisco / ios_xe	3.6s(.1)	3.6s(.1).x
cisco / ios_xe	3.1.3s	3.1.3s.x
cisco / ios_xe	3.4.5s	3.4.5s.x
cisco / ios_xe	3.5.1s	3.5.1s.x
cisco / ios	15.2	15.2.x
cisco / ios_xe	3.6s(.0)	3.6s(.0).x
cisco / ios_xe	3.8s(.0)	3.8s(.0).x
cisco / ios_xe	3.11.1s	3.11.1s.x
cisco / ios_xe	3.8s(.2)	3.8s(.2).x

Vulnerability Database

289,697

CVE-2014-3360