Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

CVE-2024-20480

A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could allow an unauthenticated, remote attacker to cause high CPU utilization on an affected device, resulting in a denial of service (DoS) condition that requires a manual reload to recover. This vulnerability is due to improper handling of IPv4 DHCP packets. An attacker could exploit this vulnerability by sending certain IPv4 DHCP packets to an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition that requires a manual reload to recover.

SeverityHIGH
CVSS8.6
CWECWE-783
KEV
Published
Modified

Related Products

Product Advisory Evidence
Cisco IOS cisco-sa-ios-xe-sda-edge-dos-MBcbG9k Cisco OpenVuln
Cisco IOS XE Software cisco-sa-ios-xe-sda-edge-dos-MBcbG9k Cisco OpenVuln
Cisco Catalyst 9600 Series Switches cisco-sa-ios-xe-sda-edge-dos-MBcbG9k Cisco OpenVuln · software-dependent
Cisco Catalyst 9500 Series Switches cisco-sa-ios-xe-sda-edge-dos-MBcbG9k Cisco OpenVuln · software-dependent
Cisco Catalyst 9400 Series Switches cisco-sa-ios-xe-sda-edge-dos-MBcbG9k Cisco OpenVuln · software-dependent
Cisco Catalyst 9200 Series Switches cisco-sa-ios-xe-sda-edge-dos-MBcbG9k Cisco OpenVuln · software-dependent
Cisco Catalyst 9300 Series Switches cisco-sa-ios-xe-sda-edge-dos-MBcbG9k Cisco OpenVuln · software-dependent