ID
VAR-201405-0346
CVE
CVE-2014-3273
TITLE
Cisco IOS of LLDP Service disruption in implementations (DoS) Vulnerabilities
Trust: 0.8
DESCRIPTION
The LLDP implementation in Cisco IOS allows remote attackers to cause a denial of service (device reload) via a malformed packet, aka Bug ID CSCum96282. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. The LLDP packet is sent to the LLDP-enabled device to overload the affected device. Cisco IOS Software is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause the affected device to reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCum96282
Trust: 2.52
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | cisco | model: | ios | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.2(2)t | Trust: 0.8 |
| vendor: | cisco | model: | ios software | scope: | - | version: | - | Trust: 0.6 |
| vendor: | cisco | model: | ios 15.2t | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 0 | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-20 | Trust: 1.9 |
THREAT TYPE
specific network environment
Trust: 0.6
TYPE
input validation
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | Cisco IOS Software LLDP Denial of Service Vulnerability | url: | http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3273 | Trust: 0.8 |
| title: | 34293 | url: | http://tools.cisco.com/security/center/viewAlert.x?alertId=34293 | Trust: 0.8 |
| title: | Cisco IOS Software LLDP Requests Patch for Handling Denial of Service Vulnerabilities | url: | https://www.cnvd.org.cn/patchInfo/show/45843 | Trust: 0.6 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2014-3273 | Trust: 3.4 |
| db: | SECTRACK | id: | 1030257 | Trust: 1.1 |
| db: | BID | id: | 67489 | Trust: 1.0 |
| db: | JVNDB | id: | JVNDB-2014-002556 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201405-390 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2014-03189 | Trust: 0.6 |
| db: | CISCO | id: | 20140519 CISCO IOS SOFTWARE LLDP DENIAL OF SERVICE VULNERABILITY | Trust: 0.6 |
| db: | VULHUB | id: | VHN-71213 | Trust: 0.1 |
REFERENCES
| url: | http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-3273 | Trust: 2.3 |
| url: | http://www.securitytracker.com/id/1030257 | Trust: 1.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3273 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3273 | Trust: 0.8 |
| url: | http://www.cisco.com/ | Trust: 0.3 |
CREDITS
Cisco
Trust: 0.3
SOURCES
| db: | CNVD | id: | CNVD-2014-03189 |
| db: | VULHUB | id: | VHN-71213 |
| db: | BID | id: | 67489 |
| db: | JVNDB | id: | JVNDB-2014-002556 |
| db: | CNNVD | id: | CNNVD-201405-390 |
| db: | NVD | id: | CVE-2014-3273 |
LAST UPDATE DATE
2025-04-12T23:05:06.912000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2014-03189 | date: | 2014-05-23T00:00:00 |
| db: | VULHUB | id: | VHN-71213 | date: | 2016-09-07T00:00:00 |
| db: | BID | id: | 67489 | date: | 2014-05-21T00:43:00 |
| db: | JVNDB | id: | JVNDB-2014-002556 | date: | 2014-05-21T00:00:00 |
| db: | CNNVD | id: | CNNVD-201405-390 | date: | 2014-05-23T00:00:00 |
| db: | NVD | id: | CVE-2014-3273 | date: | 2025-04-12T10:46:40.837 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2014-03189 | date: | 2014-05-23T00:00:00 |
| db: | VULHUB | id: | VHN-71213 | date: | 2014-05-20T00:00:00 |
| db: | BID | id: | 67489 | date: | 2014-05-19T00:00:00 |
| db: | JVNDB | id: | JVNDB-2014-002556 | date: | 2014-05-21T00:00:00 |
| db: | CNNVD | id: | CNNVD-201405-390 | date: | 2014-05-23T00:00:00 |
| db: | NVD | id: | CVE-2014-3273 | date: | 2014-05-20T11:13:38.343 |