CVE-2011-2058

Name of the Vulnerable Software and Affected Versions Cisco IOS versions prior to 12.2(33)SXI7

Description The issue is related to the cat6000-dot1x component, which does not properly handle an external loop between a pair of dot1x enabled ports. This allows remote attackers to cause a denial of service, also known as a traffic storm, via unspecified vectors that trigger many unicast EAPoL Protocol Data Units (PDUs).

Recommendations For versions prior to 12.2(33)SXI7, update to version 12.2(33)SXI7 or later to resolve the issue. As a temporary workaround, consider restricting the use of dot1x enabled ports to minimize the risk of exploitation.