Guest

Preview Tool

Cisco Bug: CSCur37420 - DHCP packet can cause high cpu due to ip dhcp snooping process

Last Modified

Nov 27, 2020

Products (1)

  • Cisco 2600 Series Multiservice Platforms

Known Affected Releases

15.1(2)SY2

Description (partial)

Symptom:
A vulnerability in with the Dynamic Host Configuration Protocol (DHCP) feature of 
the Cisco Catalyst 6000 (CAT6K) Series Switch could allow an unauthenticated, remote 
attacker to cause a denial of service (DoS) condition on the device due to high CPU 
utilization.

The vulnerability is due to incorect input validation of the DHCP Offer packet received
on a connected interface. An attacker could exploit this vulnerability by sending a crafted 
DHCP Offer packet to the affected device. An exploit could allow the attacker to cause a 
DoS condition due to high CPU utilization. The CPU DoS can cause traffic to be dropped and 
console and remote management of the device to be slow.

Conditions:
The affected device is running IOS software version 15.1(2)SY2.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.