Improper input validation in Cisco Asr_5000_series_software

CVE-2014-3331

The Session Manager component in Packet Data Network Gateway (aka PGW) in Cisco ASR 5000 Series Software 11.0, 12.0, 12.1, 12.2, 14.0, 15.0, 16.x through 16.1.2, and 17.0 allows remote attackers to cause a denial of service (process crash)…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.003 (53.6th percentile) — read the EPSS interpretation.

Affected products

Cisco Asr_5000_series_software — versions 11.0, 12.0, 12.1
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

60706 (x_refsource_SECUNIA, third-party-advisory)
1030747 (vdb-entry, x_refsource_SECTRACK)
psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)
69281 (vdb-entry, x_refsource_BID)
20140819 Cisco Packet Data Network Gateway Denial of Service Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
cisco-pgw-cve20143331-dos(95357) (vdb-entry, x_refsource_XF)