Cisco Multiple Products Extensible Authentication Protocol Denial of Service Vulnerability

Cisco Multiple Products Extensible Authentication Protocol Denial of Service Vulnerability

Multiple Cisco products running Cisco IOS and CatOS are prone to a denial-of-service vulnerability that resides in the Extensible Authentication Protocol (EAP).

An attacker can exploit this issue to cause the affected devices to reload, denying service to legitimate users. Repeat attacks will result in a prolonged denial-of-service condition.

The following devices are affected:

- Cisco Access Points and 1310 Wireless Bridges running Cisco IOS in autonomous mode
- All Cisco switches running vulnerable versions of Cisco IOS
- All Cisco switches running vulnerable versions of Cisco CatOS

NOTE: EAP is not configured by default on the devices listed above.