CVE-2014-3377

Name of the Vulnerable Software and Affected Versions Cisco IOS XR versions 5.1 and earlier

Description A vulnerability in the Simple Network Management Protocol (SNMP) version 2 processing of Cisco IOS XR allows an authenticated, remote attacker to cause a reload of the SNMP daemon (snmpd) process on an affected device. This is due to improper parsing of a malformed SNMPv2 packet. To exploit this vulnerability, an attacker must authenticate to the targeted device and may need to obtain additional information, such as whether the device has SNMP configured.

Recommendations For Cisco IOS XR versions 5.1 and earlier, update to a newer version that includes the fix for this issue, as confirmed by Cisco in their security notice.