Vulnerabilities > CVE-2014-3405 - Security vulnerability in Cisco IOS XE Software

CVSS 4.8 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

PARTIAL

low complexity

cisco

NVD

Published: 2014-10-10

Updated: 2014-10-10

Summary

Cisco IOS XE enables the IPv6 Routing Protocol for Low-Power and Lossy Networks (aka RPL) on both the Autonomic Control Plane (ACP) and external Autonomic Networking Infrastructure (ANI) interfaces, which allows remote attackers to conduct route-injection attacks via crafted RPL advertisements on an ANI interface, aka Bug ID CSCuq22673.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco IOS XE -	1

References

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3405