Release Notes

ManualsBrandsCisco ManualsSwitchesCisco Catalyst 4503-E Switch

Release Notes for the Catalyst 4500E Series Switch, Cisco IOS XE Release 3.3.xSG

OL-26675-02

Caveats

–

Enter shut then no shut on the port. CSCua63562

• If a switch enabled with Bidir PIM has a software tunnel interface pointing towards the RP upstream,

packet drops are observed.

Workaround: None. Consider using a physical interface pointing towards RP upstream.

CSCtz11352

• A switch running Cisco XE 3.3.0SG crashes when you use SPAN.

Workaround: None. CSCua12869

• After logging “Authorization succeeded for client (Unknown MAC)” , a switch crashes if the

following conditions apply:

–

A switchport is configured with both of the following:

authentication event server dead action authorize...

authentication event server alive action reinitalize

–

The RADIUS server was down previously, and a port without traffic (for example: a hub with

no devices attached) was authorized into the inaccessible authentication bypass (IAB) VLAN

without an associated MAC address.

–

The RADIUS server becomes available again, and a dot1x client attempts to authenticate.

Workaround: None. CSCtx61557

• Traffic is dropped on a particular tx-queue of an EtherChannel member interfacere configured with

a queuing policy. However, it will still appear in an egress span session of the EtherChannel.

The show platform software interface tx-queue command will display an incorrect number of

configured queues (compare to EtherChannel members that are not dropping traffic).

Workaround: Enter shut then no shut on the port. CSCua66962

• While running flexible netflow, the extended VLAN range of 1024-4000 is not observed in the

software cache flow.

Workaround: None CSCtz95537

• Front panel power supply LEDs do not always correspond to power supply state.

Workaround: None. CSCtz01430

• The Catalyst 4500E series switch with Supervisor Engine 7L-E contains a denial of service (DoS)

vulnerability when processing specially crafted packets that can cause a reload of the device.

Cisco has released free software updates that address this vulnerability.

Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-ecc

CSCty88456

• Cisco IOS Software contains a vulnerability that could allow an unauthenticated, remote attacker to

cause a denial of service (DoS) condition. An attacker could exploit this vulnerability by sending a

single DHCP packet to or through an affected device, causing the device to reload.

Cisco has released free software updates that address this vulnerability. A workaround that mitigates

this vulnerability is available. This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-dhcp

CSCty96049