This vulnerability affects Cisco Catalyst 6500 switches running Cisco IOS XE Software Release 16.1.x or earlier releases, if ROMMON is enabled. Cisco IOS XE Software releases 16.2.x, 16.3.x, and 17.0.x are not affected by this vulnerability. Cisco IOS XE Software releases 18.0.x through 18.5.x are not affected by this vulnerability. Cisco IOS XE Software releases 15.0.0 through 15.6.x are not affected by this vulnerability. Cisco recommends that customers apply the latest available patch or upgrade to prevent this vulnerability. Cisco has released software updates. End users should apply these updates. For information about how to do this, see: https://support.cisco.com/HTTPSendMyUpdates

Overview

This vulnerability resides in the ROMMON feature on Cisco Catalyst 6500 switches running Cisco IOS XE Software Release 16.1.x or earlier releases, if ROMMON is enabled. The vulnerability exists in the way that the affected software handles certain types of network packets during processing.
Cisco recommends that customers apply the latest available patch or upgrade to prevent this vulnerability. Cisco has released software updates. End users should apply these updates. For information about how to do this, see: https://support.cisco.com/HTTPSendMyUpdates

How to determine which Cisco IOS version is running on your switch

The following command can be used to determine which Cisco IOS version is running on your switch. The output is similar to the following:
Cisco Catalyst 6500:
Cisco IOS Software, C6K16-L3-MULTIHOP-SVARPS, Version 15.1(1)M3, RELEASE SOFTWARE (fc2)
Memory Module Information ------------- -------------- Total Memory: 128 MB Total Switches in System: 1 Total Uptime: 3 days, 04 hour; 19 minute System image file is "flash:/c6k16-p/m3/smp_m3.sbu"

Timeline

Published on: 10/10/2022 21:15:00 UTC
Last modified on: 10/13/2022 19:24:00 UTC

References