CVE-2015-0608

Cisco IOS < 15.4(2)T3 - Denial of Service via MACE Process Switching Race Condition

Title source: llm

Description

Race condition in the Measurement, Aggregation, and Correlation Engine (MACE) implementation in Cisco IOS 15.4(2)T3 and earlier allows remote attackers to cause a denial of service (device reload) via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCul48736.

References (5)

Core 5

Core References

Vendor Advisory vendor-advisory x_refsource_cisco

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0608

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/72566

Vendor Advisory x_refsource_confirm

http://tools.cisco.com/security/center/viewAlert.x?alertId=37421

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/100808

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1031731

Scores

EPSS 0.0178

EPSS Percentile 75.4%

Details

CWE

CWE-362

Status published

Products (10)

cisco/ios 15.4\(1\)t

cisco/ios 15.4\(1\)t1

cisco/ios 15.4\(1\)t2

cisco/ios 15.4\(1\)t3

cisco/ios 15.4\(1\)t4

cisco/ios 15.4\(2\)t

cisco/ios 15.4\(2\)t1

cisco/ios 15.4\(2\)t2

cisco/ios 15.4t

cisco/ios < 15.4\(2\)t3

Published Feb 12, 2015

Tracked Since Feb 18, 2026