CVE-2024-20480 - Always-Incorrect Control Flow Implementation

Severity

86%

Complexity

39%

Confidentiality

66%

A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could allow an unauthenticated, remote attacker to cause high CPU utilization on an affected device, resulting in a denial of service (DoS) condition that requires a manual reload to recover. This vulnerability is due to improper handling of IPv4 DHCP packets. An attacker could exploit this vulnerability by sending certain IPv4 DHCP packets to an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition that requires a manual reload to recover.

CVSS 3.1 Base Score 8.6. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).

Overview

Type

Cisco IOS

First reported 4 months ago

2024-09-25 17:15:00

Last updated 4 months ago

2024-10-03 20:07:00

Affected Software

Cisco IOS XE 16.1.1

16.1.1

Cisco IOS XE 16.5.1

16.5.1

Cisco IOS XE 16.3.4

16.3.4

Cisco IOS XE 16.5.1B

16.5.1b

Cisco IOS XE 16.4.2

16.4.2

Cisco IOS XE16.9.1

16.9.1

Cisco IOS XE 16.3.5

16.3.5

Cisco IOS XE 16.5.2

16.5.2

Cisco IOS XE 16.8.1A

16.8.1a

Cisco IOS XE 16.8.1S

16.8.1s

Cisco IOS XE 16.8.1B

16.8.1b

Cisco IOS XE 16.8.2

16.8.2

Cisco IOS XE 16.8.1D

16.8.1d

Cisco IOS XE 16.7.3

16.7.3

Cisco IOS XE 16.7.1A

16.7.1a

Cisco IOS XE 16.7.1B

16.7.1b

Cisco IOS XE 16.8.1C

16.8.1c

Cisco IOS XE 16.8.1E

16.8.1e

Cisco IOS XE 16.4.3

16.4.3

Cisco IOS XE 16.9.1S

16.9.1s

Cisco IOS XE 16.9.1B

16.9.1b

Cisco IOS XE 16.5.3

16.5.3

Cisco IOS XE 16.3.7

16.3.7

Cisco IOS XE 16.3.8

16.3.8

Cisco IOS XE 16.6.4

16.6.4

Cisco IOS XE 16.10.1

16.10.1

Cisco IOS XE 16.7.4

16.7.4

Cisco IOS XE 16.9.1A

16.9.1a

Cisco IOS XE 16.9.2

16.9.2

Cisco IOS XE 16.6.4A

16.6.4a

Cisco IOS XE 16.12.1

16.12.1

Cisco IOS XE 16.11.1

16.11.1

Cisco IOS XE 17.1.1

17.1.1

Cisco IOS XE 16.10.1S

16.10.1s

Cisco IOS XE 16.10.1D

16.10.1d

Cisco IOS XE 16.6.6

16.6.6

Cisco IOS XE 16.6.5A

16.6.5a

Cisco IOS XE 16.9.3A

16.9.3a

Cisco IOS XE 16.10.1A

16.10.1a

Cisco IOS XE 16.10.1F

16.10.1f

Cisco IOS XE 16.10.1G

16.10.1g

Cisco IOS XE 16.10.2

16.10.2

Cisco IOS XE 16.9.3

16.9.3

Cisco IOS XE 16.12.1Y

16.12.1y

Cisco IOS XE 16.10.1E

16.10.1e

Cisco IOS XE 16.10.1B

16.10.1b

Cisco IOS XE 16.8.3

16.8.3

Cisco IOS XE 16.10.1C

16.10.1c

Cisco IOS XE 16.12.2

16.12.2

Cisco IOS XE 16.12.2A

16.12.2a

Cisco IOS XE 16.10.3

16.10.3

Cisco IOS XE 16.12.4

16.12.4

Cisco IOS XE 16.12.8

16.12.8

Cisco IOS XE 16.9.5

16.9.5

Cisco IOS XE 16.9.5F

16.9.5f

Cisco IOS XE 16.6.8

16.6.8

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.