Cisco IOS XE Software Vulnerability Could Lead to Denial of Service

CVE-2024-20259

8.6HIGH

Key Information

Vendor: Cisco
Status: Cisco iOS Xe Software
Vendor: CVE Published:; 27 March 2024

Badges

👾 Exploit Exists

Summary

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.

This vulnerability is due to a crafted IPv4 DHCP request packet being mishandled when endpoint analytics are enabled. An attacker could exploit this vulnerability by sending a crafted DHCP request through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Note: The attack vector is listed as network because a DHCP relay anywhere on the network could allow exploits from networks other than the adjacent one.

Affected Version(s)

Cisco IOS XE Software = 17.1.1

Cisco IOS XE Software = 17.1.1a

Cisco IOS XE Software = 17.1.1s

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

👾
Exploit known to exist
Aug 27, 2024
Vulnerability published
Mar 27, 2024
Vulnerability Reserved
Nov 8, 2023

Collectors

NVD DatabaseMitre Database