CVE-2014-3321
Description
Cisco IOS XR on ASR 9000 devices with BVI routing enabled can be crashed by crafted MPLS packets, leading to chip and card hangs.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cisco IOS XR on ASR 9000 devices with BVI routing enabled can be crashed by crafted MPLS packets, leading to chip and card hangs.
Vulnerability
A denial of service (DoS) vulnerability exists in Cisco IOS XR versions 4.3.4 and earlier running on ASR 9000 series devices. The flaw is triggered when the device has bridge-group virtual interface (BVI) routing enabled. Sending a series of specially crafted MPLS packets via the network can cause the affected line card to hang or crash (Bug ID CSCuo91149) [1].
Exploitation
An attacker can exploit this vulnerability by sending a continuous stream of crafted MPLS packets to an affected ASR 9000 device. No authentication is required, and the attack can be conducted remotely over the network. The only prerequisite is that BVI routing must be enabled on the target device [1].
Impact
Successful exploitation results in a denial of service condition, causing the affected line card to hang or crash, potentially disrupting network services. The vulnerability does not lead to code execution or data disclosure [1].
Mitigation
Cisco has not released a software update to address this vulnerability in the available references. A workaround involves disabling BVI routing if not required. Users should monitor Cisco's security advisory page for future updates [1].
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
12- cpe:2.3:h:cisco:asr_9000_rsp440_router:-:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*range: <=4.3.4
- cpe:2.3:o:cisco:ios_xr:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:4.3.2:*:*:*:*:*:*:*
- (no CPE)range: <= 4.3.4
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3321nvdVendor Advisory
- tools.cisco.com/security/center/viewAlert.xnvdVendor Advisory
- www.securitytracker.com/id/1030597nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.