CVE-2015-0608

EUVD-2015-0621
Race condition in the Measurement, Aggregation, and Correlation Engine (MACE) implementation in Cisco IOS 15.4(2)T3 and earlier allows remote attackers to cause a denial of service (device reload) via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCul48736.
Race Condition
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.1 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
Affected Products (NVD)
VendorProductVersion
ciscoios
𝑥
≤ 15.4\(2\)t3
ciscoios
15.4\(1\)t
ciscoios
15.4\(1\)t1
ciscoios
15.4\(1\)t2
ciscoios
15.4\(1\)t3
ciscoios
15.4\(1\)t4
ciscoios
15.4\(2\)t
ciscoios
15.4\(2\)t1
ciscoios
15.4\(2\)t2
ciscoios
15.4t:t
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0608
http://tools.cisco.com/security/center/viewAlert.x?alertId=37421
http://www.securityfocus.com/bid/72566
http://www.securitytracker.com/id/1031731
https://exchange.xforce.ibmcloud.com/vulnerabilities/100808
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0608
http://tools.cisco.com/security/center/viewAlert.x?alertId=37421
http://www.securityfocus.com/bid/72566
http://www.securitytracker.com/id/1031731
https://exchange.xforce.ibmcloud.com/vulnerabilities/100808