CVE-2014-3263

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 15.3(3)M

Description A vulnerability in the content scanning module of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a reload of the affected device. The issue occurs when processing HTTPS packets that need to be redirected to a ScanSafe tower. An attacker could exploit this by sending HTTPS packets to be redirected to a ScanSafe tower, potentially causing a reload of the affected device. To exploit this, an attacker may need access to trusted, internal networks where the targeted device resides to send HTTPS packets.

Recommendations For Cisco IOS version 15.3(3)M, update to a newer version that includes the fix for this issue, as confirmed by Cisco in their security notice. As a temporary workaround, consider restricting access to the ScanSafe module to minimize the risk of exploitation.