CVE-2023-20080 - Improper Validation of Array Index

Severity

75%

Complexity

39%

Confidentiality

60%

A vulnerability in the IPv6 DHCP version 6 (DHCPv6) relay and server features of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to insufficient validation of data boundaries. An attacker could exploit this vulnerability by sending crafted DHCPv6 messages to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly.

CVSS 3.1 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Demo Examples

Improper Validation of Array Index

CWE-129

In the code snippet below, an untrusted integer value is used to reference an object in an array.


               
}
return array[index];

If index is outside of the range of the array, this may result in an ArrayIndexOutOfBounds Exception being raised.

Improper Validation of Array Index

CWE-129

The following example takes a user-supplied value to allocate an array of objects and then operates on the array.


               
}
list[0] = new Widget();
die("Negative value supplied for list size, die evil hacker!");

This example attempts to build a list from a user-specified value, and even checks to ensure a non-negative value is supplied. If, however, a 0 value is provided, the code will build an array of size 0 and then try to store a new Widget in the first location, causing an exception to be thrown.

Improper Validation of Array Index

CWE-129

In the following code, the method retrieves a value from an array at a specific array index location that is given as an input parameter to the method


               
}

                     
return value;// check that the array index is less than the maximum// length of the array

                           
value = array[index];// get the value at the specified index of the array
// if array index is invalid then output error message// and return value indicating error
value = -1;

However, this method only verifies that the given array index is less than the maximum length of the array but does not check for the minimum value (CWE-839). This will allow a negative value to be accepted as the input array index, which will result in a out of bounds read (CWE-125) and may allow access to sensitive memory. The input array index should be checked to verify that is within the maximum and minimum range required for the array (CWE-129). In this example the if statement should be modified to include a minimum range check, as shown below.


               
...// check that the array index is within the correct// range of values for the array

Improper Validation of Array Index

CWE-129

The following example retrieves the sizes of messages for a pop3 mail server. The message sizes are retrieved from a socket that returns in a buffer the message number and the message size, the message number (num) and size (size) are extracted from the buffer and the message size is placed into an array using the message number for the array index.


               
}/* capture the sizes of all messages */

                     

                        // read values from socket and added to sizes array

                           

                              // continue read from socket until buf only contains '.'
break;
sizes[num - 1] = size;
...

In this example the message number retrieved from the buffer could be a value that is outside the allowable range of indices for the array and could possibly be a negative number. Without proper validation of the value to be used for the array index an array overflow could occur and could potentially lead to unauthorized access to memory addresses and system crashes. The value of the array index should be validated to ensure that it is within the allowable range of indices for the array as in the following code.


               
}/* capture the sizes of all messages */

                     

                        // read values from socket and added to sizes array

                           
}// continue read from socket until buf only contains '.'
break;

                                 

                                    
sizes[num - 1] = size;

                                       
report(stderr, "Warning: ignoring bogus data for message sizes returned by server.\n");/* warn about possible attempt to induce buffer overflow */
...

Improper Validation of Array Index

CWE-129

In the following example the method displayProductSummary is called from a Web service servlet to retrieve product summary information for display to the user. The servlet obtains the integer value of the product number from the user and passes it to the displayProductSummary method. The displayProductSummary method passes the integer value of the product number to the getProductSummary method which obtains the product summary from the array object containing the project summaries using the integer value of the product number as the array index.


               
}// Method called from servlet to obtain product information

                     
return productSummary;
String productSummary = getProductSummary(index);
return products[index];

In this example the integer value used as the array index that is provided by the user may be outside the allowable range of indices for the array which may provide unexpected results or cause the application to fail. The integer value used for the array index should be validated to ensure that it is within the allowable range of indices for the array as in the following code.


               
}// Method called from servlet to obtain product information

                     
return productSummary;
String productSummary = getProductSummary(index);

                     
return productSummary;
productSummary = products[index];
throw new IndexOutOfBoundsException();

An alternative in Java would be to use one of the collection objects such as ArrayList that will automatically generate an exception if an attempt is made to access an array index that is out of bounds.


               
} catch (IndexOutOfBoundsException ex) {...}
productSummary = (String) productArray.get(index);

Improper Validation of Array Index

CWE-129

The following example asks a user for an offset into an array to select an item.


               
}
printf("You selected %s\n", items[index-1]);

The programmer allows the user to specify which element in the list to select, however an attacker can provide an out-of-bounds offset, resulting in a buffer over-read (CWE-126).

Overview

Type

Cisco IOS

First reported 1 year ago

2023-03-23 17:15:00

Last updated 1 year ago

2023-11-07 04:05:00

Affected Software

Cisco IOS 15.2(4)EA

15.2\(4\)ea

Cisco IOS 15.4(2)S2

15.4\(2\)s2

Cisco IOS 15.3(2)S1

15.3\(2\)s1

Cisco IOS XE 3.10.6S

3.10.6s

Cisco IOS 15.1(2)SY10

15.1\(2\)sy10

Cisco IOS XE 3.6.5BE

3.6.5be

Cisco IOS 15.5(1)T1

15.5\(1\)t1

Cisco IOS 15.4(2)S4

15.4\(2\)s4

Cisco IOS 15.2(2)E5B

15.2\(2\)e5b

Cisco IOS 15.3(2)s

15.3\(2\)s

Cisco IOS XE 3.14.4S

3.14.4s

Cisco IOS 15.2(2)SY

15.2\(2\)sy

Cisco IOS XE 3.15.1cS

3.15.1cs

Cisco IOS 15.1(2)SG4

15.1\(2\)sg4

Cisco IOS 15.2(4)M7

15.2\(4\)m7

Cisco IOS 15.1(2)SG1

15.1\(2\)sg1

Cisco IOS 15.5(3)S1A

15.5\(3\)s1a

Cisco IOS XE 3.4.1SG

3.4.1sg

Cisco IOS 15.2(4)EA4

15.2\(4\)ea4

Cisco IOS 15.5(1)T3

15.5\(1\)t3

Cisco IOS 15.2(1)SY1A

15.2\(1\)sy1a

Cisco IOS 15.3(2)T2

15.3\(2\)t2

Cisco IOS 15.2(2)E3

15.2\(2\)e3

Cisco IOS 15.2(4)EC1

15.2\(4\)ec1

Cisco IOS XE 3.6.5AE

3.6.5ae

Cisco IOS 15.2(1)SY

15.2\(1\)sy

Cisco IOS 15.4(3)S4

15.4\(3\)s4

Cisco IOS 15.3(3)S5

15.3\(3\)s5

Cisco IOS 15.4(1)SY

15.4\(1\)sy

Cisco IOS XE 3.6.6E

3.6.6e

Cisco IOS XE 3.8.0s

3.8.0s

Cisco IOS 151.1(2)SY3

15.1\(2\)sy3

Cisco IOS 15.6(2)SP

15.6\(2\)sp

Cisco IOS 15.2(4)S7

15.2\(4\)s7

Cisco IOS 15.2(4M)E3

15.2\(4m\)e3

Cisco IOS XE 3.8.1S

3.8.1s

Cisco IOS XE 3.14.1S

3.14.1s

Cisco IOS 15.4(3)M2

15.4\(3\)m2

Cisco IOS XE 3.7.1s

3.7.1s

Cisco IOS 15.5(1)S2

15.5\(1\)s2

Cisco IOS 15.1(4)M8

15.1\(4\)m8

Cisco IOS 15.2(2)E6

15.2\(2\)e6

Cisco IOS 15.4(2)T1

15.4\(2\)t1

Cisco IOS 15.2(1)E2

15.2\(1\)e2

Cisco IOS 15.4(1)T2

15.4\(1\)t2

Cisco IOS 15.2(2)S1

15.2\(2\)s1

Cisco IOS 15.2(4)S4A

15.2\(4\)s4a

Cisco IOS 15.2(2)EA2

15.2\(2\)ea2

Cisco IOS 15.6(3)M3

15.6\(3\)m3

Cisco IOS XE 3.10.5S

3.10.5s

Cisco IOS 15.2(4)S2

15.2\(4\)s2

Cisco IOS XE 3.5.1E

3.5.1e

Cisco IOS 15.2(2)S0A

15.2\(2\)s0a

Cisco IOS XE 3.4.2SG

3.4.2sg

Cisco IOS XE 3.9.0AS

3.9.0as

Cisco IOS XE 3.4.4SG

3.4.4sg

Cisco IOS 15.5(3)SN

15.5\(3\)sn

Cisco IOS 15.4(3)S2

15.4\(3\)s2

Cisco IOS XE 3.9.1AS

3.9.1as

Cisco IOS 15.5(2)T

15.5\(2\)t

Cisco IOS 15.2(1)S1

15.2\(1\)s1

Cisco IOS 15.2(1)SY3

15.2\(1\)sy3

Cisco IOS XE 3.10.1S

3.10.1s

Cisco IOS 15.2(4)S6

15.2\(4\)s6

Cisco IOS 15.5(2)s

15.5\(2\)s

Cisco IOS 15.4(1)S

15.4\(1\)s

Cisco IOS XE 3.9.0s

3.9.0s

Cisco IOS XE 3.17.1AS

3.17.1as

Cisco IOS XE 3.10.2S

3.10.2s

Cisco IOS 15.3(3)S3

15.3\(3\)s3

Cisco IOS 15.2(4)GC1

15.2\(4\)gc1

Cisco IOS XE 3.4.6SG

3.4.6sg

Cisco IOS 15.4(2)T2

15.4\(2\)t2

Cisco IOS 15.3(1)S2

15.3\(1\)s2

Cisco IOS 15.1(2)SY1

15.1\(2\)sy1

Cisco IOS 15.2(3)E5

15.2\(3\)e5

Cisco IOS 15.4(1)S1

15.4\(1\)s1

Cisco IOS 15.5(3)M3

15.5\(3\)m3

Cisco IOS 15.2(5A)E1

15.2\(5a\)e1

Cisco IOS XE 3.18.0AS

3.18.0as

Cisco IOS XE 3.7.4AS

3.7.4as

Cisco IOS 15.2(4N)E2

15.2\(4n\)e2

Cisco IOS XE 3.7.0BS

3.7.0bs

Cisco IOS 15.5(3)M2

15.5\(3\)m2

Cisco IOS 15.6(3)M2A

15.6\(3\)m2a

Cisco IOS 15.5(2)T3

15.5\(2\)t3

Cisco IOS 15.2(2a)E1

15.2\(2a\)e1

Cisco IOS 15.5(2)S1

15.5\(2\)s1

Cisco IOS 15.5(2)S4

15.5\(2\)s4

Cisco IOS XE 3.6.7E

3.6.7e

Cisco IOS XE 3.9.2S

3.9.2s

Cisco IOS 15.2(2)E2

15.2\(2\)e2

Cisco IOS 15.3(1)S1

15.3\(1\)s1

Cisco IOS XE 3.16.0cS

3.16.0cs

Cisco IOS 15.2(2)S0C

15.2\(2\)s0c

Cisco IOS 15.2(1)E

15.2\(1\)e

Cisco IOS 15.2(3)E3

15.2\(3\)e3

Cisco IOS 15.2(4)E

15.2\(4\)e

Cisco IOS 15.4(3)M3

15.4\(3\)m3

Cisco IOS XE 3.11.2S

3.11.2s

Cisco IOS 15.2(4)M5

15.2\(4\)m5

Cisco IOS 15.1(2)SG6

15.1\(2\)sg6

Cisco IOS 15.2(2)E1

15.2\(2\)e1

Cisco IOS XE 3.14.3S

3.14.3s

Cisco IOS 15.4(2)T3

15.4\(2\)t3

Cisco IOS 15.2(1)SY2

15.2\(1\)sy2

Cisco IOS 15.5(3)M

15.5\(3\)m

Cisco IOS 15.2(4)EA1

15.2\(4\)ea1

Cisco IOS 15.3(3)S6

15.3\(3\)s6

Cisco IOS 15.1(2)SY6

15.1\(2\)sy6

Cisco IOS XE 3.17.2S

3.17.2s

Cisco IOS XE 3.10.1XBS

3.10.1xbs

Cisco IOS 15.2(4)GC3

15.2\(4\)gc3

Cisco IOS 15.3(3)S1A

15.3\(3\)s1a

Cisco IOS 15.3(1)SY1

15.3\(1\)sy1

Cisco IOS 15.3(1)SY2

15.3\(1\)sy2

Cisco IOS 15.6(2)SN

15.6\(2\)sn

Cisco IOS 15.2(4)M8

15.2\(4\)m8

Cisco IOS XE 3.4.8SG

3.4.8sg

Cisco IOS 15.3(1)SY

15.3\(1\)sy

Cisco IOS 15.2(2)E

15.2\(2\)e

Cisco IOS 15.5(1)S4

15.5\(1\)s4

Cisco IOS 15.2(4)EA3

15.2\(4\)ea3

Cisco IOS 15.2(2)EB2

15.2\(2\)eb2

Cisco IOS 15.4(1)T3

15.4\(1\)t3

Cisco IOS XE 3.10.3S

3.10.3s

Cisco IOS 15.1(2)SG3

15.1\(2\)sg3

Cisco IOS 15.2(5)EA

15.2\(5\)ea

Cisco IOS XE 3.14.0S

3.14.0s

Cisco IOS 15.5(3)m1

15.5\(3\)m1

Cisco IOS 15.4(1)S2

15.4\(1\)s2

Cisco IOS 15.4(1)SY2

15.4\(1\)sy2

Cisco IOS 15.2(3)E

15.2\(3\)e

Cisco IOS 15.1(2)SY7

15.1\(2\)sy7

Cisco IOS 15.1(2)SY8

15.1\(2\)sy8

Cisco IOS XE 3.5.2E

3.5.2e

Cisco IOS 15.2(1)S

15.2\(1\)s

Cisco IOS 15.5(3)S2

15.5\(3\)s2

Cisco IOS XE 3.10.7S

3.10.7s

Cisco IOS 15.2(4M)E1

15.2\(4m\)e1

Cisco IOS 15.2(5C)E

15.2\(5c\)e

Cisco IOS XE 3.16.1S

3.16.1s

Cisco IOS XE 3.7.5E

3.7.5e

Cisco IOS 15.2(2)SY1

15.2\(2\)sy1

Cisco IOS 15.2(1)S2

15.2\(1\)s2

Cisco IOS 15.2(1)SY4

15.2\(1\)sy4

Cisco IOS 15.4(1)SY1

15.4\(1\)sy1

Cisco IOS 15.5(3)s1

15.5\(3\)s1

Cisco IOS 15.4(3)S7

15.4\(3\)s7

Cisco IOS 15.2(3)EA

15.2\(3\)ea

Cisco IOS XE 3.4.5SG

3.4.5sg

Cisco IOS XE 3.11.0S

3.11.0s

Cisco IOS 15.2(2)S

15.2\(2\)s

Cisco IOS XE 3.12.0AS

3.12.0as

Cisco IOS XE 3.9.1s

3.9.1s

Cisco IOS 15.2(2)E4

15.2\(2\)e4

Cisco IOS 15.5(3)M0A

15.5\(3\)m0a

Cisco IOS 15.2(5)E2

15.2\(5\)e2

Cisco IOS 15.5(1)T4

15.5\(1\)t4

Cisco IOS 15.1(2)SG8

15.1\(2\)sg8

Cisco IOS 15.2(4)M6A

15.2\(4\)m6a

Cisco IOS 15.5(1)S1

15.5\(1\)s1

Cisco IOS 15.4(1)t

15.4\(1\)t

Cisco IOS 15.2(4P)E1

15.2\(4p\)e1

Cisco IOS 15.4(1)S3

15.4\(1\)s3

Cisco IOS 15.1(4)M7

15.1\(4\)m7

Cisco IOS 15.2(4)S3

15.2\(4\)s3

Cisco IOS 15.4(2)T

15.4\(2\)t

Cisco IOS 15.2(4)M10

15.2\(4\)m10

Cisco IOS 15.5(2)T2

15.5\(2\)t2

Cisco IOS XE 3.4.3SG

3.4.3sg

Cisco IOS 15.5(3)S

15.5\(3\)s

Cisco IOS 15.5(3)M6

15.5\(3\)m6

Cisco IOS 15.5(1)T

15.5\(1\)t

Cisco IOS 15.1(2)SG5

15.1\(2\)sg5

Cisco IOS 15.4(2)S1

15.4\(2\)s1

Cisco IOS XE 16.1.1

16.1.1

Cisco IOS 15.2(3a)E

15.2\(3a\)e

Cisco IOS 15.4(1)T1

15.4\(1\)t1

Cisco IOS 15.2(1)EY

15.2\(1\)ey

Cisco IOS 15.6(3)M1b

15.6\(3\)m1b

Cisco IOS XE 3.8.2E

3.8.2e

Cisco IOS 15.1(2)SY4A

15.1\(2\)sy4a

Cisco IOS XE 3.7.0s

3.7.0s

Cisco IOS XE 3.18.0S

3.18.0s

Cisco IOS 15.1(2)SY2

15.1\(2\)sy2

Cisco IOS 15.2(4)E1

15.2\(4\)e1

Cisco IOS 15.2(5b)E

15.2\(5b\)e

Cisco IOS 15.2(4)E4

15.2\(4\)e4

Cisco IOS 15.2(2)E5

15.2\(2\)e5

Cisco IOS 15.6(3)M

15.6\(3\)m

Cisco IOS 15.3(3)S4

15.3\(3\)s4

Cisco IOS 15.3(2)S2

15.3\(2\)s2

Cisco IOS 15.4(3)M5

15.4\(3\)m5

Cisco IOS XE 3.10.0S

3.10.0s

Cisco IOS 15.4(3)M4

15.4\(3\)m4

Cisco IOS 15.4(1)CG

15.4\(1\)cg

Cisco IOS XE 3.8.2S

3.8.2s

Cisco IOS 15.2(2)SY2

15.2\(2\)sy2

Cisco IOS 15.5(2)S3

15.5\(2\)s3

Cisco IOS XE 3.7.2E

3.7.2e

Cisco IOS 15.2(1)E3

15.2\(1\)e3

Cisco IOS 15.4(2)S

15.4\(2\)s

Cisco IOS 15.5(1)SY

15.5\(1\)sy

Cisco IOS 15.5(2)T4

15.5\(2\)t4

Cisco IOS 15.2(2a)E2

15.2\(2a\)e2

Cisco IOS 15.6(1)t0a

15.6\(1\)t0a

Cisco IOS 15.2(4)S4

15.2\(4\)s4

Cisco IOS 15.4(3)S

15.4\(3\)s

Cisco IOS 15.2(4)EC2

15.2\(4\)ec2

Cisco IOS 15.2(2)E5A

15.2\(2\)e5a

Cisco IOS 15.6(2)SP1

15.6\(2\)sp1

Cisco IOS 15.2(3)E1

15.2\(3\)e1

Cisco IOS 15.1(2)SG7

15.1\(2\)sg7

Cisco IOS 15.3(1)S

15.3\(1\)s

Cisco IOS 15.5(1)S

15.5\(1\)s

Cisco IOS XE 3.14.2S

3.14.2s

Cisco IOS 15.4(3)S3

15.4\(3\)s3

Cisco IOS XE 3.15.4S

3.15.4s

Cisco IOS 15.1(2)SG

15.1\(2\)sg

Cisco IOS 15.2(4)S1

15.2\(4\)s1

Cisco IOS 15.2(3M)E8

15.2\(3m\)e8

Cisco IOS 15.5(1)T2

15.5\(1\)t2

Cisco IOS XE 3.16.2BS

3.16.2bs

Cisco IOS 15.1(2)SY4

15.1\(2\)sy4

Cisco IOS XE 3.16.1AS

3.16.1as

Cisco IOS 15.5(1)S3

15.5\(1\)s3

Cisco IOS 15.2(5)EX

15.2\(5\)ex

Cisco IOS 15.5(2)T1

15.5\(2\)t1

Cisco IOS 15.3(3)S1

15.3\(3\)s1

Cisco IOS 15.6(3)M2

15.6\(3\)m2

Cisco IOS 15.3(2)T4

15.3\(2\)t4

Cisco IOS 15.5(3)M4

15.5\(3\)m4

Cisco IOS 15.2(4O)E2

15.2\(4o\)e2

Cisco IOS 15.2(4)E3

15.2\(4\)e3

Cisco IOS XE 3.13.3S

3.13.3s

Cisco IOS XE 3.7.2s

3.7.2s

Cisco IOS 15.1(2)SY5

15.1\(2\)sy5

Cisco IOS 15.2(4)M11

15.2\(4\)m11

Cisco IOS 15.1(4)M12A

15.1\(4\)m12a

Cisco IOS 15.2(5a)E

15.2\(5a\)e

Cisco IOS XE 3.4.0SG

3.4.0sg

Cisco IOS 15.2(4)M6

15.2\(4\)m6

Cisco IOS 15.2(1)SY1

15.2\(1\)sy1

Cisco IOS 15.5(3)M5

15.5\(3\)m5

Cisco IOS 15.3(3)s

15.3\(3\)s

Cisco IOS 15.5(3)S0A

15.5\(3\)s0a

Cisco IOS 15.4(3)SN1

15.4\(3\)sn1

Cisco IOS 15.2(1)E1

15.2\(1\)e1

Cisco IOS 15.4(3)M1

15.4\(3\)m1

Cisco IOS 15.4(1)T4

15.4\(1\)t4

Cisco IOS 15.3(2)T3

15.3\(2\)t3

Cisco IOS 15.5(3)S3

15.5\(3\)s3

Cisco IOS XE 3.6.5E

3.6.5e

Cisco IOS 15.2(2)E7

15.2\(2\)e7

Cisco IOS XE 3.5.0E

3.5.0e

Cisco IOS 15.1(4)M9

15.1\(4\)m9

Cisco IOS 15.4(3)S1

15.4\(3\)s1

Cisco IOS 15.2(4)GC2

15.2\(4\)gc2

Cisco IOS 15.4(1)CG1

15.4\(1\)cg1

Cisco IOS 15.2(5)E1

15.2\(5\)e1

Cisco IOS 15.2(2)EA3

15.2\(2\)ea3

Cisco IOS 15.2(4)M9

15.2\(4\)m9

Cisco IOS 15.2(2)S2

15.2\(2\)s2

Cisco IOS 15.4(2)S3

15.4\(2\)s3

Cisco IOS 15.3(3)S2

15.3\(3\)s2

Cisco IOS 15.4(3)M6

15.4\(3\)m6

Cisco IOS 15.4(3)M

15.4\(3\)m

Cisco IOS 15.2(4)S3A

15.2\(4\)s3a

Cisco IOS 15.4(3)M7

15.4\(3\)m7

Cisco IOS 15.1(4)M10

15.1\(4\)m10

Cisco IOS XE 3.4.7SG

3.4.7sg

Cisco IOS 15.1(2)SG2

15.1\(2\)sg2

Cisco IOS 15.2(1)SY0A

15.2\(1\)sy0a

Cisco IOS XE 3.11.1S

3.11.1s

Cisco IOS 15.5(2)S2

15.5\(2\)s2

Cisco IOS 15.3(2)T1

15.3\(2\)t1

Cisco IOS 15.2(4)S5

15.2\(4\)s5

Cisco IOS 15.4(2)T4

15.4\(2\)t4

Cisco IOS 15.2(4)S

15.2\(4\)s

Cisco IOS XE 16.5.1

16.5.1

Cisco IOS XE 16.3.4

16.3.4

Cisco IOS 15.2(5)E2C

15.2\(5\)e2c

Cisco IOS XE 3.9.2E

3.9.2e

Cisco IOS XE 16.5.1B

16.5.1b

Cisco IOS XE 16.4.2

16.4.2

Cisco IOS 15.2(2)SY3

15.2\(2\)sy3

Cisco IOS 15.4(3)M7A

15.4\(3\)m7a

Cisco IOS 15.4(3)M8

15.4\(3\)m8

Cisco IOS 15.5(3)M4B

15.5\(3\)m4b

Cisco IOS 15.5(3)M4C

15.5\(3\)m4c

Cisco IOS 15.5(3)M6A

15.5\(3\)m6a

Cisco IOS 15.6(3)M1A

15.6\(3\)m1a

Cisco IOS 15.6(3)M3A

15.6\(3\)m3a

Cisco IOS 15.7(3)M0A

15.7\(3\)m0a

Cisco IOS 15.7(3)M1

15.7\(3\)m1

Cisco IOS 15.7(3)M2

15.7\(3\)m2

Cisco IOS XE16.9.1

16.9.1

Cisco IOS XE 3.8.5E

3.8.5e

Cisco IOS 15.6(1)SN2

15.6\(1\)sn2

Cisco IOS 15.4(2)SN1

15.4\(2\)sn1

Cisco IOS 15.2(2B)E

15.2\(2b\)e

Cisco IOS 15.4(3)S0D

15.4\(3\)s0d

Cisco IOS 15.3(1)S1E

15.3\(1\)s1e

Cisco IOS XE 3.16.4GS

3.16.4gs

Cisco IOS 15.5(3)S6A

15.5\(3\)s6a

Cisco IOS XE 3.16.4CS

3.16.4cs

Cisco IOS 15.5(3)S6B

15.5\(3\)s6b

Cisco IOS 15.3(3)S2A

15.3\(3\)s2a

Cisco IOS 15.2(4S)E1

15.2\(4s\)e1

Cisco IOS 15.6(1)SN1

15.6\(1\)sn1

Cisco IOS XE 3.16.5BS

3.16.5bs

Cisco IOS 15.5(1)SN1

15.5\(1\)sn1

Cisco IOS XE 3.6.0AE

3.6.0ae

Cisco IOS 15.2(4)S0C

15.2\(4\)s0c

Cisco IOS 15.4(2)SN

15.4\(2\)sn

Cisco IOS 15.6(1)SN3

15.6\(1\)sn3

Cisco IOS XE 3.16.4ES

3.16.4es

Cisco IOS 15.2(3M)E7

15.2\(3m\)e7

Cisco IOS 15.4(1)SY3

15.4\(1\)sy3

Cisco IOS XE 16.3.5

16.3.5

Cisco IOS 15.2(4M)E2

15.2\(4m\)e2

Cisco IOS 12.2(6)I1

12.2\(6\)i1

Cisco IOS XE 16.5.2

16.5.2

Cisco IOS 15.4(3)S0F

15.4\(3\)s0f

Cisco IOS 15.3(0)SY

15.3\(0\)sy

Cisco IOS 15.2(4)EA6

15.2\(4\)ea6

Cisco IOS 15.2(4)S8

15.2\(4\)s8

Cisco IOS 15.2(4)EA2

15.2\(4\)ea2

Cisco IOS XE 3.9.2BE

3.9.2be

Cisco IOS 15.2(2)SC4

15.2\(2\)sc4

Cisco IOS 15.5(3)SN0A

15.5\(3\)sn0a

Cisco IOS 15.2(1)SY5

15.2\(1\)sy5

Cisco IOS 15.6(1)SN

15.6\(1\)sn

Cisco IOS 15.5(2)SN

15.5\(2\)sn

Cisco IOS XE 3.16.5AS

3.16.5as

Cisco IOS XE 3.6.0BE

3.6.0be

Cisco IOS 15.2(4)S1C

15.2\(4\)s1c

Cisco IOS 15.6(5)SN

15.6\(5\)sn

Cisco IOS 15.6(7)SN

15.6\(7\)sn

Cisco IOS 15.4(3)SN1A

15.4\(3\)sn1a

Cisco IOS 15.2(4)E5A

15.2\(4\)e5a

Cisco IOS XE 3.8.5AE

3.8.5ae

Cisco IOS 15.2(2)S0D

15.2\(2\)s0d

Cisco IOS 15.2(4Q)E1

15.2\(4q\)e1

Cisco IOS XE 3.16.0BS

3.16.0bs

Cisco IOS 15.6(4)SN

15.6\(4\)sn

Cisco IOS 15.6(3)SN

15.6\(3\)sn

Cisco IOS 15.4(3)S0E

15.4\(3\)s0e

Cisco IOS 15.2(2)SC3

15.2\(2\)sc3

Cisco IOS 15.5(3)S6

15.5\(3\)s6

Cisco IOS 15.5(1)SN

15.5\(1\)sn

Cisco IOS 15.2(4)E5

15.2\(4\)e5

Cisco IOS 15.2(2)SC1

15.2\(2\)sc1

Cisco IOS 15.2(4O)E3

15.2\(4o\)e3

Cisco IOS 15.3(3)S6A

15.3\(3\)s6a

Cisco IOS XE 16.8.1A

16.8.1a

Cisco IOS XE 16.8.1S

16.8.1s

Cisco IOS XE 16.8.1B

16.8.1b

Cisco IOS XE 16.8.2

16.8.2

Cisco IOS XE 16.8.1D

16.8.1d

Cisco IOS XE 16.7.3

16.7.3

Cisco IOS XE 16.7.1A

16.7.1a

Cisco IOS XE 16.7.1B

16.7.1b

Cisco IOS XE 16.8.1C

16.8.1c

Cisco IOS XE 16.8.1E

16.8.1e

Cisco IOS 15.2(4)EA9

15.2\(4\)ea9

Cisco IOS 15.6(2)SP4

15.6\(2\)sp4

Cisco IOS XE 16.4.3

16.4.3

Cisco IOS 15.6(2)T0A

15.6\(2\)t0a

Cisco IOS 15.6(3)M4

15.6\(3\)m4

Cisco IOS XE 3.6.8E

3.6.8e

Cisco IOS XE 3.10.0CE

3.10.0ce

Cisco IOS XE 3.6.7AE

3.6.7ae

Cisco IOS 15.2(4)E6

15.2\(4\)e6

Cisco IOS XE 3.18.3ASP

3.18.3asp

Cisco IOS 15.2(2)E7B

15.2\(2\)e7b

Cisco IOS XE 3.10.0E

3.10.0e

Cisco IOS 15.2(6)E1

15.2\(6\)e1

Cisco IOS 15.2(6)E

15.2\(6\)e

Cisco IOS 15.2(4)EA8

15.2\(4\)ea8

Cisco IOS 15.2(6)E0C

15.2\(6\)e0c

Cisco IOS XE 3.18.1ISP

3.18.1isp

Cisco IOS XE 16.9.1S

16.9.1s

Cisco IOS XE 3.16.7AS

3.16.7as

Cisco IOS XE 3.18.1GSP

3.18.1gsp

Cisco IOS XE 3.18.4S

3.18.4s

Cisco IOS XE 16.9.1C

16.9.1c

Cisco IOS XE 3.18.3BSP

3.18.3bsp

Cisco IOS XE 16.9.1B

16.9.1b

Cisco IOS 15.2(2)E8

15.2\(2\)e8

Cisco IOS XE 3.16.7BS

3.16.7bs

Cisco IOS XE 3.18.4SP

3.18.4sp

Cisco IOS 15.2(6)E0A

15.2\(6\)e0a

Cisco IOS 15.5(3)S7

15.5\(3\)s7

Cisco IOS XE 3.6.7BE

3.6.7be

Cisco IOS XE 16.5.3

16.5.3

Cisco IOS XE 3.18.1HSP

3.18.1hsp

Cisco IOS XE 3.10.1E

3.10.1e

Cisco IOS 15.2(6)E1A

15.2\(6\)e1a

Cisco IOS XE 3.10.1AE

3.10.1ae

Cisco IOS XE 3.10.1SE

3.10.1se

Cisco IOS 15.2(6)E1S

15.2\(6\)e1s

Cisco IOS XE 3.6.10E

3.6.10e

Cisco IOS XE 16.3.7

16.3.7

Cisco IOS XE 16.3.8

16.3.8

Cisco IOS XE 16.9.1D

16.9.1d

Cisco IOS 15.2(4)M6B

15.2\(4\)m6b

Cisco IOS XE 3.13.10S

3.13.10s

Cisco IOS XE 3.10.2AS

3.10.2as

Cisco IOS XE 3.13.6BS

3.13.6bs

Cisco IOS XE 16.6.4S

16.6.4s

Cisco IOS XE 3.10.10S

3.10.10s

Cisco IOS XE 16.6.4

16.6.4

Cisco IOS XE 3.18.5SP

3.18.5sp

Cisco IOS XE 3.16.8S

3.16.8s

Cisco IOS XE 3.10.2E

3.10.2e

Cisco IOS XE 3.6.9E

3.6.9e

Cisco IOS XE 3.8.7E

3.8.7e

Cisco IOS XE 3.16.0AS

3.16.0as

Cisco IOS 15.4(3)S9

15.4\(3\)s9

Cisco IOS 15.2(2)E10

15.2\(2\)e10

Cisco IOS 15.6(2)SP5

15.6\(2\)sp5

Cisco IOS 15.2(2)E9

15.2\(2\)e9

Cisco IOS XE 3.6.9AE

3.6.9ae

Cisco IOS 15.2(1)SY7

15.2\(1\)sy7

Cisco IOS 15.2(1)SY6

15.2\(1\)sy6

Cisco IOS 15.2(2)E9A

15.2\(2\)e9a

Cisco IOS 15.2(4)EA7

15.2\(4\)ea7

Cisco IOS XE 16.10.1

16.10.1

Cisco IOS XE 16.7.4

16.7.4

Cisco IOS XE 16.9.1A

16.9.1a

Cisco IOS XE 16.9.2A

16.9.2a

Cisco IOS XE 16.9.2

16.9.2

Cisco IOS XE 16.6.4A

16.6.4a

Cisco IOS 15.4(3)S10

15.4\(3\)s10

Cisco IOS 15.2(6)E2A

15.2\(6\)e2a

Cisco IOS 15.2(6)E2B

15.2\(6\)e2b

Cisco IOS 15.1(2)SY13

15.1\(2\)sy13

Cisco IOS 15.5(3)S8

15.5\(3\)s8

Cisco IOS 15.2(4)E7

15.2\(4\)e7

Cisco IOS 15.5(1)SY2

15.5\(1\)sy2

Cisco IOS 15.1(2)SY12

15.1\(2\)sy12

Cisco IOS 15.2(6)E2

15.2\(6\)e2

Cisco IOS 15.4(1)SY4

15.4\(1\)sy4

Cisco IOS XE 3.7.8S

3.7.8s

Cisco IOS XE 3.16.10S

3.16.10s

Cisco IOS XE 16.12.1

16.12.1

Cisco IOS 15.5(1)SY4

15.5\(1\)sy4

Cisco IOS 15.5(3)S10

15.5\(3\)s10

Cisco IOS 15.1(2)SY15

15.1\(2\)sy15

Cisco IOS XE 16.11.1

16.11.1

Cisco IOS XE 17.1.1

17.1.1

Cisco IOS 15.2(7)E

15.2\(7\)e

Cisco IOS XE 16.10.1S

16.10.1s

Cisco IOS XE 16.10.1D

16.10.1d

Cisco IOS XE 16.9.2S

16.9.2s

Cisco IOS XE 3.11.3E

3.11.3e

Cisco IOS XE 3.11.0E

3.11.0e

Cisco IOS XE 3.16.9S

3.16.9s

Cisco IOS XE 16.6.6

16.6.6

Cisco IOS XE 16.9.3H

16.9.3h

Cisco IOS XE 16.6.5B

16.6.5b

Cisco IOS XE 16.6.5A

16.6.5a

Cisco IOS XE 3.8.8E

3.8.8e

Cisco IOS XE 16.9.3A

16.9.3a

Cisco IOS XE 16.10.1A

16.10.1a

Cisco IOS XE 3.10.3E

3.10.3e

Cisco IOS XE 16.10.1F

16.10.1f

Cisco IOS XE 16.10.1G

16.10.1g

Cisco IOS XE 16.10.2

16.10.2

Cisco IOS XE 16.9.3

16.9.3

Cisco IOS XE 16.12.1Y

16.12.1y

Cisco IOS XE 16.10.1E

16.10.1e

Cisco IOS XE 16.10.1B

16.10.1b

Cisco IOS XE 16.8.3

16.8.3

Cisco IOS XE 16.9.3S

16.9.3s

Cisco IOS XE 16.10.1C

16.10.1c

Cisco IOS XE 3.18.6SP

3.18.6sp

Cisco IOS 15.6(7)SN1

15.6\(7\)sn1

Cisco IOS 15.2(7)E0s

15.2\(7\)e0s

Cisco IOS 15.8(3)M3B

15.8\(3\)m3b

Cisco IOS XE 16.12.2

16.12.2

Cisco IOS 15.8(3)M3A

15.8\(3\)m3a

Cisco IOS 15.2(2)E10A

15.2\(2\)e10a

Cisco IOS 15.6(3)M6A

15.6\(3\)m6a

Cisco IOS 15.2(7)E0A

15.2\(7\)e0a

Cisco IOS 15.2(7A)E0B

15.2\(7a\)e0b

Cisco IOS 15.2(7)E1

15.2\(7\)e1

Cisco IOS 15.6(7)SN2

15.6\(7\)sn2

Cisco IOS XE 16.6.7A

16.6.7a

Cisco IOS 15.7(3)M4

15.7\(3\)m4

Cisco IOS 15.7(3)M4B

15.7\(3\)m4b

Cisco IOS 15.2(4)E8

15.2\(4\)e8

Cisco IOS 15.6(2)SP6

15.6\(2\)sp6

Cisco IOS 15.1(2)SY14

15.1\(2\)sy14

Cisco IOS 15.8(3)M1A

15.8\(3\)m1a

Cisco IOS XE 3.8.9E

3.8.9e

Cisco IOS XE 16.9.4C

16.9.4c

Cisco IOS 15.5(3)S9

15.5\(3\)s9

Cisco IOS XE 3.11.1E

3.11.1e

Cisco IOS 15.8(3)M2A

15.8\(3\)m2a

Cisco IOS 15.8(3)M2

15.8\(3\)m2

Cisco IOS XE 3.18.7SP

3.18.7sp

Cisco IOS 15.6(3)M6

15.6\(3\)m6

Cisco IOS 15.8(3)M1

15.8\(3\)m1

Cisco IOS 15.2(6)E3

15.2\(6\)e3

Cisco IOS 15.5(3)S9A

15.5\(3\)s9a

Cisco IOS 15.2(1)SY8

15.2\(1\)sy8

Cisco IOS XE 3.11.1AE

3.11.1ae

Cisco IOS 15.2(7)E1A

15.2\(7\)e1a

Cisco IOS 15.5(3)M9

15.5\(3\)m9

Cisco IOS 15.2(7)E0B

15.2\(7\)e0b

Cisco IOS 15.1(3)SVS

15.1\(3\)svs

Cisco IOS XE 16.12.2A

16.12.2a

Cisco IOS 15.6(2)SP7

15.6\(2\)sp7

Cisco IOS 15.7(3)M4A

15.7\(3\)m4a

Cisco IOS 15.5(3)M10

15.5\(3\)m10

Cisco IOS 15.2(4)E9

15.2\(4\)e9

Cisco IOS 15.9(3)M0A

15.9\(3\)m0a

Cisco IOS 15.5(1)SY3

15.5\(1\)sy3

Cisco IOS 15.2(6)EB

15.2\(6\)eb

Cisco IOS XE 16.10.3

16.10.3

Cisco IOS XE 16.12.4

16.12.4

Cisco IOS 15.2(7b)e0b

15.2\(7b\)e0b

Cisco IOS XE 16.9.5

16.9.5

Cisco IOS XE 16.9.5F

16.9.5f

Cisco IOS XE 16.6.8

16.6.8

Cisco IOS XE 3.18.8SP

3.18.8sp

Cisco IOS 15.2(4)E10

15.2\(4\)e10

Cisco IOS XE 3.8.10E

3.8.10e

References

20230322 Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial of Service Vulnerability

20230322 Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial of Service Vulnerability

Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.