CVE-2015-0608

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 15.4(2)T3 and earlier

Description A race condition in the Measurement, Aggregation, and Correlation Engine (MACE) implementation allows remote attackers to cause a denial of service (device reload) via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching. The vulnerability can be exploited by sending crafted traffic to an affected router. The attacker may need access to trusted, internal networks behind a firewall to send crafted traffic to the targeted device.

Recommendations For Cisco IOS versions 15.4(2)T3 and earlier, update to a newer version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.