Unrated severityNVD Advisory· Published Sep 20, 2014· Updated May 6, 2026

CVE-2014-3377

Description

A malformed SNMPv2 packet can cause the snmpd process to reload in Cisco IOS XR 5.1 and earlier, resulting in denial of service.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A malformed SNMPv2 packet can cause the snmpd process to reload in Cisco IOS XR 5.1 and earlier, resulting in denial of service.

Vulnerability

The vulnerability resides in the SNMP daemon (snmpd) of Cisco IOS XR versions 5.1 and earlier. A remote authenticated user can send a malformed SNMPv2 packet that triggers a process reload, leading to a denial of service condition. This issue is tracked as Bug ID CSCun67791 [2].

Exploitation

An attacker must have valid SNMP credentials to authenticate to the device. The attacker then sends a specially crafted SNMPv2 packet to the vulnerable snmpd process. No additional user interaction is required. The malformed packet causes the process to reload [2].

Impact

Successful exploitation results in a denial of service for SNMP services due to the snmpd process reload. This can disrupt network monitoring and management capabilities. Other router functions are not directly affected [2].

Mitigation

No specific mitigation details are provided in the available references. Cisco may have addressed this vulnerability in a later IOS XR release; users should consult the Cisco Security Notice for CVE-2014-3377 [2] for updated information.

References

Security Advisories

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Cisco Systems, Inc./iOS Xr56 versions
cpe:2.3:o:cisco:ios_xr:2.0:*:*:*:*:*:*:*+ 55 more
- cpe:2.3:o:cisco:ios_xr:2.0:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.1.0:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.2.4:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.2.50:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.3:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.3.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.3.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.3.3:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.3.4:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.3.5:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.4:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.4.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.4.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.4.3:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.5:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.5.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.5.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.5.3:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.5.4:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.6:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.6.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.6.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.6.3:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.7:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.7.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.7.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.7.3:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.8.0:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.8.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.8.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.8.3:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.8.4:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.9.0:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.9.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.9.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:4.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:4.0.4:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:4.3.4:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:5.1.0:*:*:*:*:*:*:*
- (no CPE)range: <=5.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3377nvdVendor Advisory
tools.cisco.com/security/center/viewAlert.xnvdVendor Advisory
secunia.com/advisories/59606nvd
www.securityfocus.com/bid/69959nvd
www.securitytracker.com/id/1030878nvd
exchange.xforce.ibmcloud.com/vulnerabilities/96066nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000