CVE-2013-1167

Name of the Vulnerable Software and Affected Versions Cisco IOS XE versions 3.2 through 3.4 before 3.4.2S, and 3.5

Description The issue allows remote attackers to cause a denial of service (card reload) via packets that are not properly handled during the processing of encapsulation when bridge domain interface (BDI) is enabled. Successful exploitation could allow an unauthenticated remote attacker to trigger a reload of the Embedded Services Processors (ESP) card or the Route Processor (RP) card, causing an interruption of services. Repeated exploitation could result in a sustained DoS condition.

Recommendations For Cisco IOS XE versions 3.2 through 3.4 before 3.4.2S, and 3.5, update to a fixed version to resolve the issue. As a temporary workaround, consider disabling the bridge domain interface (BDI) until a patch is available. Restrict access to the vulnerable interface to minimize the risk of exploitation.