CVE-2014-2108

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.2 and 15.0 through 15.3 Cisco IOS XE versions 3.2 through 3.7 before 3.7.5S and 3.8 through 3.10 before 3.10.1S

Description The issue is related to the processing of malformed IKEv2 packets by the affected devices, which could allow an unauthenticated, remote attacker to cause a reload of the device, leading to a denial of service condition. Although IKEv2 is automatically enabled on Cisco IOS Software and Cisco IOS XE Software devices when the Internet Security Association and Key Management Protocol (ISAKMP) is enabled, the vulnerability can be triggered only by sending a malformed IKEv2 packet. Only IKEv2 packets can trigger this vulnerability.

Recommendations For Cisco IOS versions 12.2 and 15.0 through 15.3, update to a version that includes the fix for this issue. For Cisco IOS XE versions 3.2 through 3.7, update to version 3.7.5S or later. For Cisco IOS XE versions 3.8 through 3.10, update to version 3.10.1S or later.