CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:N/I:N/A:C
EPSS
Percentile
34.4%
A vulnerability in the RADIUS client feature of Cisco IOS Software could allow an authenticated, remote attacker to cause a reload of the affected device.
The vulnerability is due to improper parsing of malformed RADIUS packets returned by a RADIUS server. An attacker could exploit this vulnerability by configuring a RADIUS server with a shared RADIUS secret and returning malformed answers back to a RADIUS client on an affected Cisco device. An exploit could allow the attacker to cause a reload of the affected device.
Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: