CVE-2011-2058

Severity CVSS v4.0:
Pending analysis
Type:
CWE-20 Input Validation
Publication date:
22/10/2011
Last modified:
11/04/2025

Description

The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle an external loop between a pair of dot1x enabled ports, which allows remote attackers to cause a denial of service (traffic storm) via unspecified vectors that trigger many unicast EAPoL Protocol Data Units (PDUs), aka Bug ID CSCtq36336.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:* 12.2 (including) 12.2\(33\)sxi7 (excluding)