3.4s.3

DATE	CVE	VULNERABILITY TITLE	RISK
2013-12-28	CVE-2013-6981	Improper Input Validation vulnerability in Cisco IOS XE Cisco IOS XE 3.7S(.1) and earlier allows remote attackers to cause a denial of service (Packet Processor crash) via fragmented MPLS IP packets, aka Bug ID CSCul00709. network high complexity cisco CWE-20	5.4
2013-11-22	CVE-2013-6692	Resource Management Errors vulnerability in Cisco IOS XE Cisco IOS XE 3.8S(.2) and earlier does not properly use a DHCP pool during assignment of an IP address, which allows remote authenticated users to cause a denial of service (device reload) via an AAA packet that triggers an address requirement, aka Bug ID CSCuh04949. network cisco CWE-399	6.3