CVE-2014-3378

Name of the Vulnerable Software and Affected Versions Cisco IOS XR versions 5.1 and earlier

Description A vulnerability in TACACS+ processing allows an unauthenticated, remote attacker to cause a reload of the TACACS+ daemon (tacacsd) on the affected device. The issue is due to improper parsing of a malformed TACACS+ packet. An attacker could exploit this by sending a malformed packet to be processed by an affected device, potentially causing a reload of the TACACS+ process. The attacker may need access to internal networks and additional information about the device's configuration to exploit this issue.

Recommendations For Cisco IOS XR versions 5.1 and earlier, update to a newer version that includes the fix for this issue, as confirmed by Cisco in their security notice. As a temporary workaround, consider restricting access to the TACACS+ daemon to minimize the risk of exploitation.