CVE-2013-6692

Name of the Vulnerable Software and Affected Versions Cisco IOS XE versions 3.8S(.2) and earlier

Description A issue in the DHCP function that assigns IP addresses to AAA clients allows remote authenticated users to cause a denial of service, resulting in a device reload. This is due to improper processing of AAA packets that require IP address assignment from a DHCP pool. An attacker could exploit this by sending AAA packets to a device configured to authenticate and assign an address from a DHCP pool. The vulnerability can be exploited by authenticated, remote attackers.

Recommendations For Cisco IOS XE versions 3.8S(.2) and earlier, update to a newer version that includes the fix for this issue, as confirmed by Cisco in their security notice.