CVE-2024-20259

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-20259
A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a crafted IPv4 DHCP request packet being mishandled when endpoint analytics are enabled. An attacker could exploit this vulnerability by sending a crafted DHCP request through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: The attack vector is listed as network because a DHCP relay anywhere on the network could allow exploits from networks other than the adjacent one.

8.6 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

References
Link Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dhcp-dos-T3CXPO9z
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dhcp-dos-T3CXPO9z
Configurations

No configuration.

History

21 Nov 2024, 08:52

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad en la función de espionaje DHCP del software Cisco IOS XE podría permitir que un atacante remoto no autenticado provoque que un dispositivo afectado se recargue inesperadamente, lo que resultaría en una condición de denegación de servicio (DoS). Esta vulnerabilidad se debe a que un paquete de solicitud DHCP IPv4 manipulado se maneja mal cuando el análisis de endpoints está habilitado. Un atacante podría aprovechar esta vulnerabilidad enviando una solicitud DHCP manipulada a través de un dispositivo afectado. Un exploit exitoso podría permitir que el atacante provoque que el dispositivo se recargue, lo que resultaría en una condición DoS. Nota: El vector de ataque aparece como red porque una retransmisión DHCP en cualquier lugar de la red podría permitir ataques desde redes distintas a la adyacente.
References () https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dhcp-dos-T3CXPO9z - () https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dhcp-dos-T3CXPO9z -

27 Mar 2024, 17:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-03-27 17:15

Updated : 2024-11-21 08:52

NVD link : CVE-2024-20259

Mitre link : CVE-2024-20259

CVE.ORG link : CVE-2024-20259

JSON object : View

Products Affected

No product.

CWE
CWE-122

Heap-based Buffer Overflow


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024