Lucene search

CiscoCISCO-SA-IOSXE-DHCP-DOS-JSCKX43H

HistorySep 24, 2020 - 4:00 p.m.

Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers DHCP Denial of Service Vulnerability

2020-09-2416:00:00

tools.cisco.com

cisco cbr-8

converged broadband routers

dhcp

denial of service

vulnerability

cisco ios xe software

remote attacker

crash

error handling

dhcpv4

wan interfaces

software updates

security advisory

advisory bundled publication

EPSS

0.002

Percentile

52.7%

JSON

A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service (DoS) condition.

The vulnerability is due to insufficient error handling when DHCP version 4 (DHCPv4) messages are parsed. An attacker could exploit this vulnerability by sending a malicious DHCPv4 message to or through a WAN interface of an affected device. A successful exploit could allow the attacker to cause a reload of the affected device.

Note: On Cisco cBR-8 Converged Broadband Routers, all of the following are considered WAN interfaces:

10 Gbps Ethernet interfaces
100 Gbps Ethernet interfaces
Port channel interfaces that include multiple 10 and/or 100 Gbps Ethernet interfaces

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-dhcp-dos-JSCKX43h [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-dhcp-dos-JSCKX43h”]

This advisory is part of the September 24, 2020, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 25 Cisco Security Advisories that describe 34 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2020 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74268”].

Affected configurations

Vulners

Node

ciscocisco_ios_xe_softwareMatch3.15s

ciscocisco_ios_xe_softwareMatch3.16s

ciscocisco_ios_xe_softwareMatch3.17s

ciscocisco_ios_xe_softwareMatch16.4

ciscocisco_ios_xe_softwareMatch16.5

ciscocisco_ios_xe_softwareMatch3.18s

ciscocisco_ios_xe_softwareMatch3.18sp

ciscocisco_ios_xe_softwareMatch16.6

ciscocisco_ios_xe_softwareMatch16.7

ciscocisco_ios_xe_softwareMatch16.8

ciscocisco_ios_xe_softwareMatch16.9

ciscocisco_ios_xe_softwareMatch16.10

ciscocisco_ios_xe_softwareMatch16.12

ciscocisco_ios_xe_softwareMatch17.1

ciscocisco_ios_xe_softwareMatchany

ciscocisco_ios_xe_softwareMatch3.15.0s

ciscocisco_ios_xe_softwareMatch3.15.1s

ciscocisco_ios_xe_softwareMatch3.15.2s

ciscocisco_ios_xe_softwareMatch3.15.3s

ciscocisco_ios_xe_softwareMatch3.16.0s

ciscocisco_ios_xe_softwareMatch3.16.1s

ciscocisco_ios_xe_softwareMatch3.16.2s

ciscocisco_ios_xe_softwareMatch3.17.0s

ciscocisco_ios_xe_softwareMatch3.17.1s

ciscocisco_ios_xe_softwareMatch3.17.2s

ciscocisco_ios_xe_softwareMatch16.4.1

ciscocisco_ios_xe_softwareMatch16.5.1

ciscocisco_ios_xe_softwareMatch3.18.0as

ciscocisco_ios_xe_softwareMatch3.18.1s

ciscocisco_ios_xe_softwareMatch3.18.0sp

ciscocisco_ios_xe_softwareMatch3.18.1sp

ciscocisco_ios_xe_softwareMatch3.18.1asp

ciscocisco_ios_xe_softwareMatch3.18.2asp

ciscocisco_ios_xe_softwareMatch3.18.3sp

ciscocisco_ios_xe_softwareMatch3.18.4sp

ciscocisco_ios_xe_softwareMatch3.18.3asp

ciscocisco_ios_xe_softwareMatch3.18.3bsp

ciscocisco_ios_xe_softwareMatch3.18.5sp

ciscocisco_ios_xe_softwareMatch3.18.6sp

ciscocisco_ios_xe_softwareMatch16.6.1

ciscocisco_ios_xe_softwareMatch16.6.2

ciscocisco_ios_xe_softwareMatch16.7.1

ciscocisco_ios_xe_softwareMatch16.7.1a

ciscocisco_ios_xe_softwareMatch16.7.1b

ciscocisco_ios_xe_softwareMatch16.7.2

ciscocisco_ios_xe_softwareMatch16.7.3

ciscocisco_ios_xe_softwareMatch16.7.4

ciscocisco_ios_xe_softwareMatch16.8.1

ciscocisco_ios_xe_softwareMatch16.8.1d

ciscocisco_ios_xe_softwareMatch16.8.1e

ciscocisco_ios_xe_softwareMatch16.9.1

ciscocisco_ios_xe_softwareMatch16.9.1a

ciscocisco_ios_xe_softwareMatch16.10.1

ciscocisco_ios_xe_softwareMatch16.10.1c

ciscocisco_ios_xe_softwareMatch16.10.1d

ciscocisco_ios_xe_softwareMatch16.10.1f

ciscocisco_ios_xe_softwareMatch16.10.1g

ciscocisco_ios_xe_softwareMatch16.12.1

ciscocisco_ios_xe_softwareMatch16.12.1w

ciscocisco_ios_xe_softwareMatch16.12.2s

ciscocisco_ios_xe_softwareMatch16.12.2t

ciscocisco_ios_xe_softwareMatch16.12.3s

ciscocisco_ios_xe_softwareMatch16.12.5a

ciscocisco_ios_xe_softwareMatch17.1.1

ciscocisco_ios_xe_softwareMatch17.1.1s

ciscocisco_ios_xe_softwareMatch17.1.1t

ciscocisco_ios_xe_softwareMatchany

VendorProductVersionCPE
ciscocisco_ios_xe_software3.15scpe:2.3:a:cisco:cisco_ios_xe_software:3.15s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.16scpe:2.3:a:cisco:cisco_ios_xe_software:3.16s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.17scpe:2.3:a:cisco:cisco_ios_xe_software:3.17s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.4cpe:2.3:a:cisco:cisco_ios_xe_software:16.4:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.5cpe:2.3:a:cisco:cisco_ios_xe_software:16.5:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.18scpe:2.3:a:cisco:cisco_ios_xe_software:3.18s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.18spcpe:2.3:a:cisco:cisco_ios_xe_software:3.18sp:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.6cpe:2.3:a:cisco:cisco_ios_xe_software:16.6:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.7cpe:2.3:a:cisco:cisco_ios_xe_software:16.7:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.8cpe:2.3:a:cisco:cisco_ios_xe_software:16.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	cisco_ios_xe_software	3.15s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.15s:::::::*
cisco	cisco_ios_xe_software	3.16s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.16s:::::::*
cisco	cisco_ios_xe_software	3.17s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.17s:::::::*
cisco	cisco_ios_xe_software	16.4	cpe:2.3:a:cisco:cisco_ios_xe_software:16.4:::::::*
cisco	cisco_ios_xe_software	16.5	cpe:2.3:a:cisco:cisco_ios_xe_software:16.5:::::::*
cisco	cisco_ios_xe_software	3.18s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.18s:::::::*
cisco	cisco_ios_xe_software	3.18sp	cpe:2.3:a:cisco:cisco_ios_xe_software:3.18sp:::::::*
cisco	cisco_ios_xe_software	16.6	cpe:2.3:a:cisco:cisco_ios_xe_software:16.6:::::::*
cisco	cisco_ios_xe_software	16.7	cpe:2.3:a:cisco:cisco_ios_xe_software:16.7:::::::*
cisco	cisco_ios_xe_software	16.8	cpe:2.3:a:cisco:cisco_ios_xe_software:16.8:::::::*