CVE-2015-0609

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 15.4(2)T3 and earlier

Description A race condition in the Common Classification Engine (CCE) of the Measurement, Aggregation, and Correlation Engine (MACE) implementation allows remote attackers to cause a denial of service (device reload) via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching. The vulnerability can be exploited by sending crafted traffic to an affected router, potentially requiring access to trusted, internal networks behind a firewall.

Recommendations For Cisco IOS versions 15.4(2)T3 and earlier, update to a newer version that includes the fix for this issue, as confirmed by Cisco in their security notice. At the moment, there is no information about a newer version that contains a fix for this vulnerability.