CVE-2011-3282

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.2SRE before 12.2(33)SRE4 Cisco IOS versions 15.0 and 15.1 Cisco IOS XE versions 2.1.x through 3.3.x

Description The issue allows remote attackers to cause a denial of service (device reload) via an ICMPv6 packet, related to an expired MPLS TTL, when an MPLS domain is configured. This can be exploited by sending specially crafted packets over a Multiprotocol Label Switching (MPLS) domain, causing the device to reload.

Recommendations For Cisco IOS versions 12.2SRE before 12.2(33)SRE4, update to version 12.2(33)SRE4 or later. For Cisco IOS versions 15.0 and 15.1, apply the software updates released by Cisco that address these vulnerabilities. For Cisco IOS XE versions 2.1.x through 3.3.x, apply the software updates released by Cisco that address these vulnerabilities. As a temporary workaround, consider restricting access to the MPLS domain to minimize the risk of exploitation.