CVE-2014-3276

Name of the Vulnerable Software and Affected Versions Cisco Identity Services Engine (ISE) version 1.2(.1 patch 2) and earlier

Description The issue arises from improper handling of deadlock conditions during the reception of crafted RADIUS accounting packets from multiple NAS devices. This allows remote authenticated users to cause a denial of service, resulting in a RADIUS outage, by sourcing these packets from two origins.

Recommendations For Cisco Identity Services Engine (ISE) version 1.2(.1 patch 2) and earlier, consider applying a patch or update to resolve the issue, as the current version does not properly handle deadlock conditions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.