CVE-2015-0609Race Condition in Cisco IOS

CWE-362Race Condition4 documents4 sources
Severity
7.1HIGHNVD
EPSS
0.6%
top 30.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedFeb 16
Latest updateMay 17

Description

Race condition in the Common Classification Engine (CCE) in the Measurement, Aggregation, and Correlation Engine (MACE) implementation in Cisco IOS 15.4(2)T3 and earlier allows remote attackers to cause a denial of service (device reload) via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCuj96752.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages1 packages

NVDcisco/ios15.4\(2\)t3+9

🔴Vulnerability Details

2
GHSA
GHSA-g877-g592-m3jw: Race condition in the Common Classification Engine (CCE) in the Measurement, Aggregation, and Correlation Engine (MACE) implementation in Cisco IOS 152022-05-17
CVEList
CVE-2015-0609: Race condition in the Common Classification Engine (CCE) in the Measurement, Aggregation, and Correlation Engine (MACE) implementation in Cisco IOS 152015-02-16

📋Vendor Advisories

1
Cisco
Cisco IOS Measurement, Aggregation, and Correlation Engine Denial of Service Vulnerability2015-02-11
CVE-2015-0609 — Race Condition in Cisco IOS | cvebase