CVE-2014-3331

high

Description

The Session Manager component in Packet Data Network Gateway (aka PGW) in Cisco ASR 5000 Series Software 11.0, 12.0, 12.1, 12.2, 14.0, 15.0, 16.x through 16.1.2, and 17.0 allows remote attackers to cause a denial of service (process crash) via a crafted TCP packet, aka Bug ID CSCuo21914.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/95357

http://www.securitytracker.com/id/1030747

http://www.securityfocus.com/bid/69281

http://tools.cisco.com/security/center/viewAlert.x?alertId=35346

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3331

http://secunia.com/advisories/60706

Details

Source: Mitre, NVD

Published: 2014-08-20

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High

EPSS

EPSS: 0.00398