16
Release Notes for the Cisco Catalyst Blade Switch 3020 for HP, Cisco IOS Release 12.2(55)SE and Later
OL-22861-04
Resolved Caveats
•
CSCtr28857
A vulnerability in the Multicast Source Discovery Protocol (MSDP) implementation of Cisco IOS
Software and Cisco IOS XE Software could allow a remote, unauthenticated attacker to cause a
reload of an affected device. Repeated attempts to exploit this vulnerability could result in a
sustained denial of service (DoS) condition.
Cisco has released free software updates that address this vulnerability. Workarounds that mitigate
this vulnerability are available. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-msdp
•
CSCtr91106
A vulnerability exists in the Cisco IOS Software that may allow a remote application or device to
exceed its authorization level when authentication, authorization, and accounting (AAA)
authorization is used. This vulnerability requires that the HTTP or HTTPS server is enabled on the
Cisco IOS device.
Products that are not running Cisco IOS Software are not vulnerable.
Cisco has released free software updates that address these vulnerabilities.
The HTTP server may be disabled as a workaround for the vulnerability described in this advisory.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-pai
•
CSCts34688
The switch crashes due to the "HACL Acl Manager" memory fragmentation when a large access
control list (ACL) is modified.
The workaround is add or remove ACE entries in sequential order when the ACL is modified.
•
CSCts75641
Routing Information Protocol (RIP) Version 2 packets egressing an 801.1Q tunnel interface are
triplicated.
There is no workaround.
•
CSCtt16051
Cisco IOS Software contains a vulnerability in the Smart Install feature that could allow an
unauthenticated, remote attacker to cause a reload of an affected device if the Smart Install feature
is enabled. The vulnerability is triggered when an affected device processes a malformed Smart
Install message on TCP port 4786.
Cisco has released free software updates that address this vulnerability. There are no workarounds
to mitigate this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
cisco-sa-20120328-smartinstall