Description
A vulnerability in the IPv6 DHCP version 6 (DHCPv6) relay and server features of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to insufficient validation of data boundaries. An attacker could exploit this vulnerability by sending crafted DHCPv6 messages to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly.
Published: 2023-03-23
Score: 8.6 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2023-24259 A vulnerability in the IPv6 DHCP version 6 (DHCPv6) relay and server features of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to insufficient validation of data boundaries. An attacker could exploit this vulnerability by sending crafted DHCPv6 messages to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly.
History

Mon, 28 Oct 2024 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Subscriptions

Cisco Ios Ios Xe
cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2024-10-28T16:32:31.260Z

Reserved: 2022-10-27T00:00:00.000Z

Link: CVE-2023-20080

cve-icon Vulnrichment

Updated: 2024-08-02T08:57:35.867Z

cve-icon NVD

Status : Modified

Published: 2023-03-23T17:15:14.797

Modified: 2024-11-21T07:40:30.387

Link: CVE-2023-20080

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses