A vulnerability in the RADIUS client feature of Cisco IOS Software could allow an authenticated, remote attacker to cause a reload of the affected device.
The vulnerability is due to improper parsing of malformed RADIUS packets returned by a RADIUS server. An attacker could exploit this vulnerability by configuring a RADIUS server with a shared RADIUS secret and returning malformed answers back to a RADIUS client on an affected Cisco device. An exploit could allow the attacker to cause a reload of the affected device.
Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: