CVE: Common Vulnerabilities and Exposures

alert

Notice: Keyword searching of CVE Records is now available in the search box above. Keywords may include a CVE ID (e.g., CVE-2024-1234), or one or more keywords separated by a space (e.g., authorization, SQL Injection, cross site scripting, etc.). Learn more here.

alert

Notice: Keyword searching of CVE Records is now available in the search box above. Keywords may include a CVE ID (e.g., CVE-2024-1234), or one or more keywords separated by a space (e.g., authorization, SQL Injection, cross site scripting, etc.). Learn more here.

Expand or collapse notification button

Required CVE Record Information

Description

A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain L2TP packets. An attacker could exploit this vulnerability by sending crafted L2TP packets to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. Note: Only traffic directed to the affected system can be used to exploit this vulnerability.

CWE 1 Total

CWE-388: Error Handling

CVSS 1 Total

Product Status

Versions 97 Total

Default Status: unknown

affected

References 1 Total

sec.cloudapps.cisco.com: cisco-sa-ios-xe-l2tp-dos-eB5tuFmV
external site

Updated: 2024-08-02

This container includes required additional information provided by the CVE Program for this vulnerability.

References 1 Total

sec.cloudapps.cisco.com: cisco-sa-ios-xe-l2tp-dos-eB5tuFmV
external site
x_transferred