Vulnerability Bulletins

Cisco IOS and IOS XE Software DHCP Version 4 Relay Reply Denial of Service Vulnerability


System information

   
Affected software Cisco

Description

A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of encapsulated option 82 information that it receives in DHCPOFFER messages from DHCPv4 servers. An attacker

More info:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dhcpr2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20and%20IOS%20XE%20Software%20DHCP%20Version%204%20Relay%20Reply%20Denial%20of%20Service%20Vulnerability&vs_k=1

Standar resources

Property Value
CVE CVE-2018-0173.

Version history

Version Comments Date
1.0 Advisory issued 2022-12-18
Ministerio de Defensa
CNI
CCN
CCN-CERT