CVE-2011-4231

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 15.1 through 15.2 Cisco IOS XE versions 3.x

Description The issue allows remote authenticated users to cause a denial of service, resulting in a segmentation fault and device crash, when the software is configured as an IPsec hub with X.509 certificates in use.

Recommendations For Cisco IOS versions 15.1 through 15.2, consider disabling the use of X.509 certificates for IPsec until a fix is available. For Cisco IOS XE versions 3.x, restrict access to the IPsec configuration to minimize the risk of exploitation.