CVE-2015-0639

Name of the Vulnerable Software and Affected Versions Cisco IOS XE versions 3.6 through 3.7 before 3.7.1S Cisco IOS XE versions 3.8 through 3.15 before 3.15.0S

Description The issue allows remote attackers to cause a denial of service via malformed IPv6 packets with IPv4 UDP encapsulation when MMON or NBAR is enabled. Successful exploitation could trigger a reload of the forwarding plane, causing an interruption of services, and repeated exploitation could result in a sustained denial of service condition.

Recommendations For versions 3.6 through 3.7 before 3.7.1S, update to version 3.7.1S or later. For versions 3.8 through 3.15 before 3.15.0S, update to the respective fixed version for each release, such as 3.8.0S for version 3.8, 3.9.0S for version 3.9, and so on, up to 3.15.0S for version 3.15. As a temporary workaround, consider disabling MMON or NBAR to minimize the risk of exploitation.