CVE-2015-0608Race Condition in Cisco IOS

CWE-362Race Condition4 documents4 sources
Severity
7.1HIGHNVD
EPSS
0.6%
top 30.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedFeb 12
Latest updateMay 17

Description

Race condition in the Measurement, Aggregation, and Correlation Engine (MACE) implementation in Cisco IOS 15.4(2)T3 and earlier allows remote attackers to cause a denial of service (device reload) via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCul48736.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages1 packages

NVDcisco/ios15.4\(2\)t3+9

🔴Vulnerability Details

2
GHSA
GHSA-65rh-573h-vgw7: Race condition in the Measurement, Aggregation, and Correlation Engine (MACE) implementation in Cisco IOS 152022-05-17
CVEList
CVE-2015-0608: Race condition in the Measurement, Aggregation, and Correlation Engine (MACE) implementation in Cisco IOS 152015-02-12

📋Vendor Advisories

1
Cisco
Cisco IOS Measurement, Aggregation, and Correlation Engine Denial of Service Vulnerability2015-02-11
CVE-2015-0608 — Race Condition in Cisco IOS | cvebase