Guest

Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication

September 24, 2014

Cisco released its semiannual Cisco IOS Software Security Advisory Bundled Publication on September 24, 2014. In direct response to customer feedback, Cisco releases bundles of Cisco IOS Software Security Advisories on the fourth Wednesday of the month in March and September of each calendar year. The publication includes six Security Advisories that address vulnerabilities in Cisco IOS Software. Exploits of the individual vulnerabilities could result in a denial of service condition or interface wedge.

Use the Cisco IOS Software Checker to quickly determine whether a given Cisco IOS Software release is exposed to Cisco product vulnerabilities.

 

Event Intelligence

The following table identifies Cisco Security content and Cisco mitigation information that is associated with this Cisco IOS Software Security Advisory bundled publication:

Cisco Security Advisory
Cisco Applied Mitigation Bulletin
Cisco IntelliShield Alert CVE ID
Search CVEs
CVSS
Base Score
CVSS Q&A
OVAL
OVAL

cisco-sa-20140924-dhcpv6

Cisco IOS Software DHCP Version 6 Denial of Service Vulnerability

Refer to the Workarounds section of the associated Cisco Security Advisory
Cisco IOS Software DHCP Version 6 Denial of Service Vulnerability CVE-2014-3359 7.8 cisco-sa-20140924-dhcpv6

cisco-sa-20140924-mdns

Multiple Vulnerabilities in Cisco IOS Software Multicast Domain Name System

Cisco IOS Software mDNS Gateway Memory Leak Vulnerability

CVE-2014-3357

7.8

cisco-sa-20140924-mdns

Cisco IOS Software mDNS Gateway Denial of Service Vulnerability

CVE-2014-3358

7.8

cisco-sa-20140924-metadata

Cisco IOS Software Metadata Vulnerabilities

Refer to the Workarounds section of the associated Cisco Security Advisory

Cisco IOS Software Metadata Processing Denial of Service Vulnerability

CVE-2014-3355

7.8

cisco-sa-20140924-metadata

Cisco IOS Software Metadata Handling Denial of Service Vulnerability

CVE-2014-3356

7.8

cisco-sa-20140924-nat

Cisco IOS Software Network Address Translation Denial of Service Vulnerability

Refer to the Workarounds section of the associated Cisco Security Advisory
Cisco IOS Software Network Address Translation Vulnerability CVE-2014-3361 7.1 cisco-sa-20140924-nat

cisco-sa-20140924-rsvp

Cisco IOS Software RSVP Vulnerability

Refer to the Workarounds section of the associated Cisco Security Advisory
Cisco IOS Software RSVP Vulnerability CVE-2014-3354 7.8 cisco-sa-20140924-rsvp

cisco-sa-20140924-sip

Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability

Cisco IOS Software Session Initiation Protocol Vulnerability CVE-2014-3360 7.8 cisco-sa-20140924-sip

Return to the Cisco Security portal