CVE-2012-5032

Name of the Vulnerable Software and Affected Versions Cisco IOS versions prior to 15.1(1)SY3

Description The issue concerns the Flex-VPN load-balancing feature in the ipsec-ikev2 implementation, which does not require authentication. This allows remote attackers to trigger the forwarding of VPN traffic to an attacker-controlled destination or the discarding of this traffic by arranging for an arbitrary device to become a cluster member.

Recommendations For versions prior to 15.1(1)SY3, update to version 15.1(1)SY3 or later to resolve the issue.