CVE-2012-4623

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.2 through 12.4 Cisco IOS versions 15.0 through 15.2 Cisco IOS XE versions 2.1.x through 2.6.x Cisco IOS XE versions 3.1.xS before 3.1.4S Cisco IOS XE versions 3.1.xSG Cisco IOS XE versions 3.2.xSG before 3.2.5SG Cisco IOS XE versions 3.2.xS Cisco IOS XE versions 3.2.xXO Cisco IOS XE versions 3.3.xS Cisco IOS XE versions 3.3.xSG before 3.3.1SG

Description The DHCPv6 server in Cisco IOS contains a vulnerability that allows a remote attacker to cause a denial of service (device reload) via a malformed DHCPv6 packet. This can be exploited by sending a crafted request to an affected device with the DHCP version 6 (DHCPv6) server feature enabled.

Recommendations For Cisco IOS versions 12.2 through 12.4, update to a fixed version to resolve the issue. For Cisco IOS versions 15.0 through 15.2, update to a fixed version to resolve the issue. For Cisco IOS XE versions 2.1.x through 2.6.x, update to a fixed version to resolve the issue. For Cisco IOS XE versions 3.1.xS before 3.1.4S, update to version 3.1.4S or later to resolve the issue. For Cisco IOS XE versions 3.1.xSG, update to a fixed version to resolve the issue. For Cisco IOS XE versions 3.2.xSG before 3.2.5SG, update to version 3.2.5SG or later to resolve the issue. For Cisco IOS XE versions 3.2.xS, update to a fixed version to resolve the issue. For Cisco IOS XE versions 3.2.xXO, update to a fixed version to resolve the issue. For Cisco IOS XE versions 3.3.xS, update to a fixed version to resolve the issue. For Cisco IOS XE versions 3.3.xSG before 3.3.1SG, update to version 3.3.1SG or later to resolve the issue. As a temporary workaround, consider disabling the DHCPv6 server feature until a patch is available.