What is the severity of CVE-2024-20446?

CVE-2024-20446 has a high severity rating due to its potential to cause a denial of service condition.

How do I fix CVE-2024-20446?

To mitigate CVE-2024-20446, upgrade your Cisco NX-OS Software to the latest version that includes the security patch.

What systems are affected by CVE-2024-20446?

CVE-2024-20446 affects devices running Cisco NX-OS Software that utilize DHCPv6 relay agents.

Can CVE-2024-20446 be exploited remotely?

Yes, CVE-2024-20446 can be exploited by unauthenticated remote attackers.

What is the impact of CVE-2024-20446 on network availability?

The impact of CVE-2024-20446 is significant as it can lead to a denial of service, disrupting network availability.

Vulnerability/
CVE-2024-20446

high

8.6

CWE

476

28/8/2024

29/8/2024

CVE-2024-20446: Cisco NX-OS Software DHCPv6 Relay Agent Denial of Service Vulnerability

First published: Wed Aug 28 2024(Updated: )

A vulnerability in the DHCPv6 relay agent of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific fields in a DHCPv6 RELAY-REPLY message. An attacker could exploit this vulnerability by sending a crafted DHCPv6 packet to any IPv6 address that is configured on an affected device. A successful exploit could allow the attacker to cause the dhcp_snoop process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco NX-OS

Never miss a vulnerability like this again

Reference Links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-dhcp6-relay-dos-znEAA6xn

Frequently Asked Questions

What is the severity of CVE-2024-20446?
CVE-2024-20446 has a high severity rating due to its potential to cause a denial of service condition.
How do I fix CVE-2024-20446?
To mitigate CVE-2024-20446, upgrade your Cisco NX-OS Software to the latest version that includes the security patch.
What systems are affected by CVE-2024-20446?
CVE-2024-20446 affects devices running Cisco NX-OS Software that utilize DHCPv6 relay agents.
Can CVE-2024-20446 be exploited remotely?
Yes, CVE-2024-20446 can be exploited by unauthenticated remote attackers.
What is the impact of CVE-2024-20446 on network availability?
The impact of CVE-2024-20446 is significant as it can lead to a denial of service, disrupting network availability.

agent/references
agent/weakness
agent/title
agent/type
agent/first-publish-date
agent/description
agent/author
agent/severity
agent/event
collector/nvd-api
source/NVD
agent/last-modified-date
collector/mitre-cve
source/MITRE
agent/source
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco nx-os

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.