CVE-2015-0710

Name of the Vulnerable Software and Affected Versions Cisco IOS XE versions 3.10S

Description A vulnerability exists in the Overlay Transport Virtualization (OTV) implementation, allowing remote attackers to cause a denial of service (device reload) via a series of packets that trigger improper fragmentation handling. The issue arises from improper processing of oversized OTV frames passing through an affected device. An attacker could exploit this by sending packets that are processed as oversized OTV frames, requiring fragmentation and reassembly, which may cause the device to reload. The attacker must be on the same broadcast or collision domain as the targeted device to exploit this vulnerability.

Recommendations For Cisco IOS XE version 3.10S, update to a newer version that includes the software updates released by Cisco to fix the issue. As a temporary workaround, consider restricting access to the OTV processing code to minimize the risk of exploitation.