Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle (1) a loop between a dot1x enabled port and an open-authentication dot1x enabled port and (2) a loop between a dot1x enabled port and a non-dot1x port, which allows remote attackers to cause a denial of service (traffic storm) via unspecified vectors that trigger many Spanning Tree Protocol (STP) Bridge Protocol Data Unit (BPDU) frames, aka Bug ID CSCtq36327.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco IOS cat6000-dot1x组件输入验证错误漏洞
Vulnerability Description
Cisco IOS是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。 Cisco IOS 12.2(33)SXI7之前的12.2版本中的cat6000-dot1x组件存在输入验证错误漏洞,该漏洞源于程序没有正确处理(1)dot1x的激活端口和开放认证的dot1x的激活端口之间的循环(2)dot1x的激活端口和非dot1x端口之间的循环。远程攻击者可借助触发许多生成树协议(STP)网桥协议数据单元(BPDU)框架的未明向量利用该漏洞导致拒绝服务(通信风暴)。
CVSS Information
N/A
Vulnerability Type
N/A