Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication

March 26, 2014

Cisco released its semiannual Cisco IOS Software Security Advisory Bundled Publication on March 26, 2014. In direct response to customer feedback, Cisco releases bundles of Cisco IOS Software Security Advisories on the fourth Wednesday of the month in March and September of each calendar year. The publication includes 5 Security Advisories that address vulnerabilities in Cisco IOS Software and 1 Security Advisory that addresses a vulnerability in the Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks. Exploits of the individual vulnerabilities could result in a denial of service (DoS) condition.

Use the Cisco IOS Software Checker to quickly determine if a given Cisco IOS Software release is exposed to Cisco product vulnerabilities.

Note: In February 2014, Cisco announced details of an industry-wide issue with memory components manufactured by a single supplier between 2005 and 2010. Although the majority of Cisco products that use these components are experiencing field failure rates below expected levels, a device reload or power cycle could expose component failures. While there are no known security implications associated with this issue, a subset of the affected products may experience a memory component failure during the software upgrade process. Cisco recommends customers review the related information and product-specific field notices at www.cisco.com/go/memory before making upgrade decisions. Each Field Notice indicates whether the product could experience the memory component failure during a software upgrade.

Event Intelligence

The following table identifies Cisco Security Intelligence Operations content and Cisco mitigation information that is associated with this Cisco IOS Software Security Advisory bundled publication:

| Cisco Security Advisory | Cisco Applied Mitigation Bulletin | Cisco IntelliShield Alert | CVE ID | CVSS Base Score |
|---|---|---|---|---|
| cisco-sa-20140326-sip: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability | | Cisco IOS Software and Cisco IOS XE Software Session Initiation Protocol Denial of Service Vulnerability | CVE-2014-2106 | 7.8 |
| cisco-sa-20140326-RSP72010GE: Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks Denial of Service Vulnerability | Refer to the "Workarounds" section of the associated Cisco Security Advisory | Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks Denial of Service Vulnerability | CVE-2014-2107 | 7.1 |
| cisco-sa-20140326-ikev2: Cisco IOS Software Internet Key Exchange Version 2 Denial of Service Vulnerability | Refer to the "Workarounds" section of the associated Cisco Security Advisory | Cisco IOS Software and Cisco IOS XE Software IKEv2 Denial of Service Vulnerability | CVE-2014-2108 | 7.8 |
| cisco-sa-20140326-nat: Cisco IOS Software Network Address Translation Vulnerabilities | Refer to the "Workarounds" section of the associated Cisco Security Advisory | Cisco IOS Software TCP Input Vulnerability | CVE-2014-2109 | 7.8 |
| | | Cisco IOS Software NAT DNS Vulnerability | CVE-2014-2111 | 7.1 |
| cisco-sa-20140326-ios-sslvpn: Cisco IOS Software SSL VPN Denial of Service Vulnerability | Refer to the "Workarounds" section of the associated Cisco Security Advisory | Cisco IOS SSL VPN Denial of Service Vulnerability | CVE-2014-2112 | 7.8 |
| cisco-sa-20140326-ipv6: Cisco IOS Software Crafted IPv6 Packet Denial of Service Vulnerability | Refer to the "Workarounds" section of the associated Cisco Security Advisory | Cisco IOS Software and Cisco IOS XE Software Crafted IPv6 Packet Denial of Service Vulnerability | CVE-2014-2113 | 7.8 |