Race condition

2019-03-2800:29:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.2%

JSON

A vulnerability in the Easy Virtual Switching System (VSS) of Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an unauthenticated, adjacent attacker to cause the switches to reload. The vulnerability is due to incomplete error handling when processing Cisco Discovery Protocol (CDP) packets used with the Easy Virtual Switching System. An attacker could exploit this vulnerability by sending a specially crafted CDP packet. An exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

CPENameOperatorVersion
ios_xeeq3.6.5-be
ios_xeeq3.9.101
ios_xeeq3.8.3101
ios_xeeq3.6.5-ae
ios_xeeq3.7.1101
ios_xeeq3.6.4101
ios_xeeq3.6.6101
ios_xeeq3.6.101
ios_xeeq3.6.2-ae
ios_xeeq3.8.4101

Name	Operator	Version
ios_xe	eq	3.6.5-be
ios_xe	eq	3.9.101
ios_xe	eq	3.8.3101
ios_xe	eq	3.6.5-ae
ios_xe	eq	3.7.1101
ios_xe	eq	3.6.4101
ios_xe	eq	3.6.6101
ios_xe	eq	3.6.101
ios_xe	eq	3.6.2-ae
ios_xe	eq	3.8.4101