First published: Wed Apr 13 2022(Updated: )
Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdb-cmicr-dos-KJjFtNb
Credit: These vulnerabilities were found during internal security testing.
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco IOS Software | >=15.2(5)EX<=15.2(7)E and earlier<15.2(7)E5 | 15.2(7)E5 |
Cisco IOS Software | =15.2(8)E<15.2(8)E1=15.2(7)E and earlier<15.2(7)E5 | 15.2(8)E1 15.2(7)E5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities
The severity level of Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities is medium.
An attacker can execute persistent code at boot time or permanently prevent the device from booting, resulting in a permanent denial of service (DoS) condition.
This vulnerability affects Cisco IOS Software versions 15.2(5)EX up to 15.2(7)E5 and 15.2(8)E up to 15.2(8)E1.
To fix this vulnerability, update the affected Cisco IOS Software to version 15.2(7)E5 or 15.2(8)E1 or later.