CVE-2015-0609

Cisco IOS < 15.4(2)T3 - Denial of Service via Race Condition in Common Classification Engine

Title source: llm

Description

Race condition in the Common Classification Engine (CCE) in the Measurement, Aggregation, and Correlation Engine (MACE) implementation in Cisco IOS 15.4(2)T3 and earlier allows remote attackers to cause a denial of service (device reload) via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCuj96752.

References (5)

Core 5

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/72564

Vendor Advisory vendor-advisory x_refsource_cisco

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0609

Vendor Advisory x_refsource_confirm

http://tools.cisco.com/security/center/viewAlert.x?alertId=37420

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1031731

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/100809

Scores

EPSS 0.0117

EPSS Percentile 63.6%

Details

CWE

CWE-362

Status published

Products (10)

cisco/ios 15.4\(1\)t

cisco/ios 15.4\(1\)t1

cisco/ios 15.4\(1\)t2

cisco/ios 15.4\(1\)t3

cisco/ios 15.4\(1\)t4

cisco/ios 15.4\(2\)t

cisco/ios 15.4\(2\)t1

cisco/ios 15.4\(2\)t2

cisco/ios 15.4t

cisco/ios < 15.4\(2\)t3

Published Feb 16, 2015

Tracked Since Feb 18, 2026