The packet-reassembly implementation in Cisco IOS XE 3.13S and previous versions allows remote malicious users to cause a denial of service (CPU consumption or packet loss) via fragmented (1) IPv4 or (2) IPv6 packets that trigger ATTN-3-SYNC_TIMEOUT errors after reassembly failures, aka Bug ID CSCuo37957.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco ios xe 3.11s.2 |
||
cisco ios xe 2.5.0 |
||
cisco ios xe 2.6.1 |
||
cisco ios xe 3.13s.0 |
||
cisco ios xe 2.3.1t |
||
cisco ios xe 2.1.0 |
||
cisco ios xe 3.10s.0a |
||
cisco ios xe 2.2.3 |
||
cisco ios xe 3.10s.0 |
||
cisco ios xe 2.3.0t |
||
cisco ios xe 2.2.1 |
||
cisco ios xe 3.12s.0 |
||
cisco ios xe 2.4.0 |
||
cisco ios xe 3.12s.1 |
||
cisco ios xe 2.3.0 |
||
cisco ios xe 2.5.1 |
||
cisco ios xe 3.10s.2 |
||
cisco ios xe 2.6.2 |
||
cisco ios xe 2.1.1 |
||
cisco ios xe 3.11s.0 |
||
cisco ios xe 2.4.1 |
||
cisco ios xe 3.10s.3 |
||
cisco ios xe 2.3.2 |
||
cisco ios xe 2.1.2 |
||
cisco ios xe 2.6.0 |
||
cisco ios xe 3.11s.1 |
||
cisco ios xe 3.10s.1 |
||
cisco ios xe 2.5.2 |
||
cisco ios xe 2.2.2 |