7.1
CVE-2015-0608
- EPSS 1.78%
- Veröffentlicht 12.02.2015 01:59:25
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle psirt@cisco.com
- CVE-Watchlists
- Unerledigt
Race condition in the Measurement, Aggregation, and Correlation Engine (MACE) implementation in Cisco IOS 15.4(2)T3 and earlier allows remote attackers to cause a denial of service (device reload) via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCul48736.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.78% | 0.753 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.1 | 8.6 | 6.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:C
|
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0608
http://tools.cisco.com/security/center/viewAlert.x?alertId=37421
http://www.securityfocus.com/bid/72566
http://www.securitytracker.com/id/1031731
https://exchange.xforce.ibmcloud.com/vulnerabilities/100808