Preview Tool

Cisco Bug: CSCur37420 - DHCP packet can cause high cpu due to ip dhcp snooping process

Last Modified

Nov 27, 2020

Products (1)

  • Cisco 2600 Series Multiservice Platforms

Known Affected Releases


Description (partial)

A vulnerability in with the Dynamic Host Configuration Protocol (DHCP) feature of 
the Cisco Catalyst 6000 (CAT6K) Series Switch could allow an unauthenticated, remote 
attacker to cause a denial of service (DoS) condition on the device due to high CPU 

The vulnerability is due to incorect input validation of the DHCP Offer packet received
on a connected interface. An attacker could exploit this vulnerability by sending a crafted 
DHCP Offer packet to the affected device. An exploit could allow the attacker to cause a 
DoS condition due to high CPU utilization. The CPU DoS can cause traffic to be dropped and 
console and remote management of the device to be slow.

The affected device is running IOS software version 15.1(2)SY2.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.