Cisco Bug: CSCur37420 - DHCP packet can cause high cpu due to ip dhcp snooping process
Nov 27, 2020
- Cisco 2600 Series Multiservice Platforms
Known Affected Releases
Symptom: A vulnerability in with the Dynamic Host Configuration Protocol (DHCP) feature of the Cisco Catalyst 6000 (CAT6K) Series Switch could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the device due to high CPU utilization. The vulnerability is due to incorect input validation of the DHCP Offer packet received on a connected interface. An attacker could exploit this vulnerability by sending a crafted DHCP Offer packet to the affected device. An exploit could allow the attacker to cause a DoS condition due to high CPU utilization. The CPU DoS can cause traffic to be dropped and console and remote management of the device to be slow. Conditions: The affected device is running IOS software version 15.1(2)SY2.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases