- Description
- The Overlay Transport Virtualization (OTV) implementation in Cisco IOS XE 3.10S allows remote attackers to cause a denial of service (device reload) via a series of packets that are considered oversized and trigger improper fragmentation handling, aka Bug IDs CSCup37676 and CSCup30335.
- Source
- ykramarz@cisco.com
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 6.1
- Impact score
- 6.9
- Exploitability score
- 6.5
- Vector string
- AV:A/AC:L/Au:N/C:N/I:N/A:C
- nvd@nist.gov
- CWE-399
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.0s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D9D9F45C-E71F-4425-A0C7-DFFEEC93C152"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "337ED1D1-0044-4D98-B53B-8D30859DF38E"
}
],
"operator": "OR"
}
]
}
]