CVE-2024-20480
First published: Wed Sep 25 2024(Updated: )
A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could allow an unauthenticated, remote attacker to cause high CPU utilization on an affected device, resulting in a denial of service (DoS) condition that requires a manual reload to recover. This vulnerability is due to improper handling of IPv4 DHCP packets. An attacker could exploit this vulnerability by sending certain IPv4 DHCP packets to an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition that requires a manual reload to recover.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS XE Web UI | =16.1.1 | |
| Cisco IOS XE Web UI | =16.1.2 | |
| Cisco IOS XE Web UI | =16.1.3 | |
| Cisco IOS XE Web UI | =16.2.1 | |
| Cisco IOS XE Web UI | =16.2.2 | |
| Cisco IOS XE Web UI | =16.3.1 | |
| Cisco IOS XE Web UI | =16.3.1a | |
| Cisco IOS XE Web UI | =16.3.2 | |
| Cisco IOS XE Web UI | =16.3.3 | |
| Cisco IOS XE Web UI | =16.3.4 | |
| Cisco IOS XE Web UI | =16.3.5 | |
| Cisco IOS XE Web UI | =16.3.5b | |
| Cisco IOS XE Web UI | =16.3.6 | |
| Cisco IOS XE Web UI | =16.3.7 | |
| Cisco IOS XE Web UI | =16.3.8 | |
| Cisco IOS XE Web UI | =16.3.9 | |
| Cisco IOS XE Web UI | =16.3.10 | |
| Cisco IOS XE Web UI | =16.3.11 | |
| Cisco IOS XE Web UI | =16.4.1 | |
| Cisco IOS XE Web UI | =16.4.2 | |
| Cisco IOS XE Web UI | =16.4.3 | |
| Cisco IOS XE Web UI | =16.5.1 | |
| Cisco IOS XE Web UI | =16.5.1a | |
| Cisco IOS XE Web UI | =16.5.1b | |
| Cisco IOS XE Web UI | =16.5.2 | |
| Cisco IOS XE Web UI | =16.5.3 | |
| Cisco IOS XE Web UI | =16.6.1 | |
| Cisco IOS XE Web UI | =16.6.2 | |
| Cisco IOS XE Web UI | =16.6.3 | |
| Cisco IOS XE Web UI | =16.6.4 | |
| Cisco IOS XE Web UI | =16.6.4a | |
| Cisco IOS XE Web UI | =16.6.5 | |
| Cisco IOS XE Web UI | =16.6.5a | |
| Cisco IOS XE Web UI | =16.6.6 | |
| Cisco IOS XE Web UI | =16.6.7 | |
| Cisco IOS XE Web UI | =16.6.8 | |
| Cisco IOS XE Web UI | =16.6.9 | |
| Cisco IOS XE Web UI | =16.6.10 | |
| Cisco IOS XE Web UI | =16.7.1 | |
| Cisco IOS XE Web UI | =16.7.1a | |
| Cisco IOS XE Web UI | =16.7.1b | |
| Cisco IOS XE Web UI | =16.7.2 | |
| Cisco IOS XE Web UI | =16.7.3 | |
| Cisco IOS XE Web UI | =16.7.4 | |
| Cisco IOS XE Web UI | =16.8.1 | |
| Cisco IOS XE Web UI | =16.8.1a | |
| Cisco IOS XE Web UI | =16.8.1b | |
| Cisco IOS XE Web UI | =16.8.1c | |
| Cisco IOS XE Web UI | =16.8.1d | |
| Cisco IOS XE Web UI | =16.8.1e | |
| Cisco IOS XE Web UI | =16.8.1s | |
| Cisco IOS XE Web UI | =16.8.2 | |
| Cisco IOS XE Web UI | =16.8.3 | |
| Cisco IOS XE Web UI | =16.9.1 | |
| Cisco IOS XE Web UI | =16.9.1a | |
| Cisco IOS XE Web UI | =16.9.1b | |
| Cisco IOS XE Web UI | =16.9.1s | |
| Cisco IOS XE Web UI | =16.9.2 | |
| Cisco IOS XE Web UI | =16.9.3 | |
| Cisco IOS XE Web UI | =16.9.3a | |
| Cisco IOS XE Web UI | =16.9.4 | |
| Cisco IOS XE Web UI | =16.9.5 | |
| Cisco IOS XE Web UI | =16.9.5f | |
| Cisco IOS XE Web UI | =16.9.6 | |
| Cisco IOS XE Web UI | =16.9.7 | |
| Cisco IOS XE Web UI | =16.9.8 | |
| Cisco IOS XE Web UI | =16.10.1 | |
| Cisco IOS XE Web UI | =16.10.1a | |
| Cisco IOS XE Web UI | =16.10.1b | |
| Cisco IOS XE Web UI | =16.10.1c | |
| Cisco IOS XE Web UI | =16.10.1d | |
| Cisco IOS XE Web UI | =16.10.1e | |
| Cisco IOS XE Web UI | =16.10.1f | |
| Cisco IOS XE Web UI | =16.10.1g | |
| Cisco IOS XE Web UI | =16.10.1s | |
| Cisco IOS XE Web UI | =16.10.2 | |
| Cisco IOS XE Web UI | =16.10.3 | |
| Cisco IOS XE Web UI | =16.11.1 | |
| Cisco IOS XE Web UI | =16.11.1a | |
| Cisco IOS XE Web UI | =16.11.1b | |
| Cisco IOS XE Web UI | =16.11.1s | |
| Cisco IOS XE Web UI | =16.11.2 | |
| Cisco IOS XE Web UI | =16.12.1 | |
| Cisco IOS XE Web UI | =16.12.1a | |
| Cisco IOS XE Web UI | =16.12.1c | |
| Cisco IOS XE Web UI | =16.12.1s | |
| Cisco IOS XE Web UI | =16.12.1t | |
| Cisco IOS XE Web UI | =16.12.1w | |
| Cisco IOS XE Web UI | =16.12.1x | |
| Cisco IOS XE Web UI | =16.12.1y | |
| Cisco IOS XE Web UI | =16.12.1z1 | |
| Cisco IOS XE Web UI | =16.12.1z2 | |
| Cisco IOS XE Web UI | =16.12.2 | |
| Cisco IOS XE Web UI | =16.12.2a | |
| Cisco IOS XE Web UI | =16.12.2s | |
| Cisco IOS XE Web UI | =16.12.3 | |
| Cisco IOS XE Web UI | =16.12.3a | |
| Cisco IOS XE Web UI | =16.12.3s | |
| Cisco IOS XE Web UI | =16.12.4 | |
| Cisco IOS XE Web UI | =16.12.4a | |
| Cisco IOS XE Web UI | =16.12.5 | |
| Cisco IOS XE Web UI | =16.12.5a | |
| Cisco IOS XE Web UI | =16.12.5b | |
| Cisco IOS XE Web UI | =16.12.6 | |
| Cisco IOS XE Web UI | =16.12.6a | |
| Cisco IOS XE Web UI | =16.12.7 | |
| Cisco IOS XE Web UI | =16.12.8 | |
| Cisco IOS XE Web UI | =16.12.9 | |
| Cisco IOS XE Web UI | =16.12.10 | |
| Cisco IOS XE Web UI | =16.12.10a | |
| Cisco IOS XE Web UI | =16.12.11 | |
| Cisco IOS XE Web UI | =17.1.1 | |
| Cisco IOS XE Web UI | =17.1.1a | |
| Cisco IOS XE Web UI | =17.1.1s | |
| Cisco IOS XE Web UI | =17.1.1t | |
| Cisco IOS XE Web UI | =17.1.3 | |
| Cisco IOS XE Web UI | =17.2.1 | |
| Cisco IOS XE Web UI | =17.2.1a | |
| Cisco IOS XE Web UI | =17.2.1r | |
| Cisco IOS XE Web UI | =17.2.1v | |
| Cisco IOS XE Web UI | =17.2.2 | |
| Cisco IOS XE Web UI | =17.2.3 | |
| Cisco IOS XE Web UI | =17.3.1 | |
| Cisco IOS XE Web UI | =17.3.1a | |
| Cisco IOS XE Web UI | =17.3.1w | |
| Cisco IOS XE Web UI | =17.3.1x | |
| Cisco IOS XE Web UI | =17.3.1z | |
| Cisco IOS XE Web UI | =17.3.2 | |
| Cisco IOS XE Web UI | =17.3.2a | |
| Cisco IOS XE Web UI | =17.3.3 | |
| Cisco IOS XE Web UI | =17.3.4 | |
| Cisco IOS XE Web UI | =17.3.4a | |
| Cisco IOS XE Web UI | =17.3.4b | |
| Cisco IOS XE Web UI | =17.3.4c | |
| Cisco IOS XE Web UI | =17.3.5 | |
| Cisco IOS XE Web UI | =17.3.5a | |
| Cisco IOS XE Web UI | =17.3.5b | |
| Cisco IOS XE Web UI | =17.3.6 | |
| Cisco IOS XE Web UI | =17.3.7 | |
| Cisco IOS XE Web UI | =17.3.8 | |
| Cisco IOS XE Web UI | =17.3.8a | |
| Cisco IOS XE Web UI | =17.4.1 | |
| Cisco IOS XE Web UI | =17.4.1a | |
| Cisco IOS XE Web UI | =17.4.1b | |
| Cisco IOS XE Web UI | =17.4.2 | |
| Cisco IOS XE Web UI | =17.4.2a | |
| Cisco IOS XE Web UI | =17.5.1 | |
| Cisco IOS XE Web UI | =17.5.1a | |
| Cisco IOS XE Web UI | =17.6.1 | |
| Cisco IOS XE Web UI | =17.6.1a | |
| Cisco IOS XE Web UI | =17.6.1w | |
| Cisco IOS XE Web UI | =17.6.1x | |
| Cisco IOS XE Web UI | =17.6.1y | |
| Cisco IOS XE Web UI | =17.6.1z | |
| Cisco IOS XE Web UI | =17.6.1z1 | |
| Cisco IOS XE Web UI | =17.6.2 | |
| Cisco IOS XE Web UI | =17.6.3 | |
| Cisco IOS XE Web UI | =17.6.3a | |
| Cisco IOS XE Web UI | =17.6.4 | |
| Cisco IOS XE Web UI | =17.6.5 | |
| Cisco IOS XE Web UI | =17.6.5a | |
| Cisco IOS XE Web UI | =17.6.6 | |
| Cisco IOS XE Web UI | =17.6.6a | |
| Cisco IOS XE Web UI | =17.6.7 | |
| Cisco IOS XE Web UI | =17.7.1 | |
| Cisco IOS XE Web UI | =17.7.1a | |
| Cisco IOS XE Web UI | =17.7.1b | |
| Cisco IOS XE Web UI | =17.7.2 | |
| Cisco IOS XE Web UI | =17.8.1 | |
| Cisco IOS XE Web UI | =17.8.1a | |
| Cisco IOS XE Web UI | =17.9.1 | |
| Cisco IOS XE Web UI | =17.9.1a | |
| Cisco IOS XE Web UI | =17.9.1w | |
| Cisco IOS XE Web UI | =17.9.1x | |
| Cisco IOS XE Web UI | =17.9.1x1 | |
| Cisco IOS XE Web UI | =17.9.1y | |
| Cisco IOS XE Web UI | =17.9.1y1 | |
| Cisco IOS XE Web UI | =17.9.2 | |
| Cisco IOS XE Web UI | =17.9.2a | |
| Cisco IOS XE Web UI | =17.9.3 | |
| Cisco IOS XE Web UI | =17.9.3a | |
| Cisco IOS XE Web UI | =17.9.4 | |
| Cisco IOS XE Web UI | =17.9.4a | |
| Cisco IOS XE Web UI | =17.9.5 | |
| Cisco IOS XE Web UI | =17.9.5a | |
| Cisco IOS XE Web UI | =17.9.5b | |
| Cisco IOS XE Web UI | =17.10.1 | |
| Cisco IOS XE Web UI | =17.10.1a | |
| Cisco IOS XE Web UI | =17.10.1b | |
| Cisco IOS XE Web UI | =17.11.1 | |
| Cisco IOS XE Web UI | =17.11.1a | |
| Cisco IOS XE Web UI | =17.11.99sw | |
| Cisco IOS XE Web UI | =17.12.1 | |
| Cisco IOS XE Web UI | =17.12.1a | |
| Cisco IOS XE Web UI | =17.12.1w | |
| Cisco IOS XE Web UI | =17.12.1x | |
| Cisco IOS XE Web UI | =17.12.1y | |
| Cisco IOS XE Web UI | =17.12.2 | |
| Cisco IOS XE Web UI | =17.12.2a | |
| Cisco IOS XE Web UI | =17.12.3 | |
| Cisco IOS XE Web UI | =17.12.3a | |
| Cisco IOS XE Web UI | =17.13.1 | |
| Cisco IOS XE Web UI | =17.13.1a | |
| Cisco IOS XE Web UI | =17.14.1 | |
| Cisco IOS XE Web UI | =17.14.1a |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-20480?
The severity of CVE-2024-20480 is rated as high due to its potential to cause denial of service conditions.
How do I fix CVE-2024-20480?
To fix CVE-2024-20480, update the Cisco IOS XE software to the recommended version as specified by Cisco.
What devices are affected by CVE-2024-20480?
CVE-2024-20480 affects Cisco IOS XE software running on Software-Defined Access (SD-Access) fabric edge nodes.
What impact does CVE-2024-20480 have on my network?
CVE-2024-20480 can lead to high CPU utilization, resulting in denial of service for the affected devices.
Who can exploit CVE-2024-20480?
CVE-2024-20480 can be exploited by unauthenticated, remote attackers.
- agent/references
- agent/description
- agent/first-publish-date
- agent/type
- agent/author
- agent/severity
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco ios xe web ui
- version/cisco ios xe web ui/16.1.1
- version/cisco ios xe web ui/16.1.2
- version/cisco ios xe web ui/16.1.3
- version/cisco ios xe web ui/16.2.1
- version/cisco ios xe web ui/16.2.2
- version/cisco ios xe web ui/16.3.1
- version/cisco ios xe web ui/16.3.1a
- version/cisco ios xe web ui/16.3.2
- version/cisco ios xe web ui/16.3.3
- version/cisco ios xe web ui/16.3.4
- version/cisco ios xe web ui/16.3.5
- version/cisco ios xe web ui/16.3.5b
- version/cisco ios xe web ui/16.3.6
- version/cisco ios xe web ui/16.3.7
- version/cisco ios xe web ui/16.3.8
- version/cisco ios xe web ui/16.3.9
- version/cisco ios xe web ui/16.3.10
- version/cisco ios xe web ui/16.3.11
- version/cisco ios xe web ui/16.4.1
- version/cisco ios xe web ui/16.4.2
- version/cisco ios xe web ui/16.4.3
- version/cisco ios xe web ui/16.5.1
- version/cisco ios xe web ui/16.5.1a
- version/cisco ios xe web ui/16.5.1b
- version/cisco ios xe web ui/16.5.2
- version/cisco ios xe web ui/16.5.3
- version/cisco ios xe web ui/16.6.1
- version/cisco ios xe web ui/16.6.2
- version/cisco ios xe web ui/16.6.3
- version/cisco ios xe web ui/16.6.4
- version/cisco ios xe web ui/16.6.4a
- version/cisco ios xe web ui/16.6.5
- version/cisco ios xe web ui/16.6.5a
- version/cisco ios xe web ui/16.6.6
- version/cisco ios xe web ui/16.6.7
- version/cisco ios xe web ui/16.6.8
- version/cisco ios xe web ui/16.6.9
- version/cisco ios xe web ui/16.6.10
- version/cisco ios xe web ui/16.7.1
- version/cisco ios xe web ui/16.7.1a
- version/cisco ios xe web ui/16.7.1b
- version/cisco ios xe web ui/16.7.2
- version/cisco ios xe web ui/16.7.3
- version/cisco ios xe web ui/16.7.4
- version/cisco ios xe web ui/16.8.1
- version/cisco ios xe web ui/16.8.1a
- version/cisco ios xe web ui/16.8.1b
- version/cisco ios xe web ui/16.8.1c
- version/cisco ios xe web ui/16.8.1d
- version/cisco ios xe web ui/16.8.1e
- version/cisco ios xe web ui/16.8.1s
- version/cisco ios xe web ui/16.8.2
- version/cisco ios xe web ui/16.8.3
- version/cisco ios xe web ui/16.9.1
- version/cisco ios xe web ui/16.9.1a
- version/cisco ios xe web ui/16.9.1b
- version/cisco ios xe web ui/16.9.1s
- version/cisco ios xe web ui/16.9.2
- version/cisco ios xe web ui/16.9.3
- version/cisco ios xe web ui/16.9.3a
- version/cisco ios xe web ui/16.9.4
- version/cisco ios xe web ui/16.9.5
- version/cisco ios xe web ui/16.9.5f
- version/cisco ios xe web ui/16.9.6
- version/cisco ios xe web ui/16.9.7
- version/cisco ios xe web ui/16.9.8
- version/cisco ios xe web ui/16.10.1
- version/cisco ios xe web ui/16.10.1a
- version/cisco ios xe web ui/16.10.1b
- version/cisco ios xe web ui/16.10.1c
- version/cisco ios xe web ui/16.10.1d
- version/cisco ios xe web ui/16.10.1e
- version/cisco ios xe web ui/16.10.1f
- version/cisco ios xe web ui/16.10.1g
- version/cisco ios xe web ui/16.10.1s
- version/cisco ios xe web ui/16.10.2
- version/cisco ios xe web ui/16.10.3
- version/cisco ios xe web ui/16.11.1
- version/cisco ios xe web ui/16.11.1a
- version/cisco ios xe web ui/16.11.1b
- version/cisco ios xe web ui/16.11.1s
- version/cisco ios xe web ui/16.11.2
- version/cisco ios xe web ui/16.12.1
- version/cisco ios xe web ui/16.12.1a
- version/cisco ios xe web ui/16.12.1c
- version/cisco ios xe web ui/16.12.1s
- version/cisco ios xe web ui/16.12.1t
- version/cisco ios xe web ui/16.12.1w
- version/cisco ios xe web ui/16.12.1x
- version/cisco ios xe web ui/16.12.1y
- version/cisco ios xe web ui/16.12.1z1
- version/cisco ios xe web ui/16.12.1z2
- version/cisco ios xe web ui/16.12.2
- version/cisco ios xe web ui/16.12.2a
- version/cisco ios xe web ui/16.12.2s
- version/cisco ios xe web ui/16.12.3
- version/cisco ios xe web ui/16.12.3a
- version/cisco ios xe web ui/16.12.3s
- version/cisco ios xe web ui/16.12.4
- version/cisco ios xe web ui/16.12.4a
- version/cisco ios xe web ui/16.12.5
- version/cisco ios xe web ui/16.12.5a
- version/cisco ios xe web ui/16.12.5b
- version/cisco ios xe web ui/16.12.6
- version/cisco ios xe web ui/16.12.6a
- version/cisco ios xe web ui/16.12.7
- version/cisco ios xe web ui/16.12.8
- version/cisco ios xe web ui/16.12.9
- version/cisco ios xe web ui/16.12.10
- version/cisco ios xe web ui/16.12.10a
- version/cisco ios xe web ui/16.12.11
- version/cisco ios xe web ui/17.1.1
- version/cisco ios xe web ui/17.1.1a
- version/cisco ios xe web ui/17.1.1s
- version/cisco ios xe web ui/17.1.1t
- version/cisco ios xe web ui/17.1.3
- version/cisco ios xe web ui/17.2.1
- version/cisco ios xe web ui/17.2.1a
- version/cisco ios xe web ui/17.2.1r
- version/cisco ios xe web ui/17.2.1v
- version/cisco ios xe web ui/17.2.2
- version/cisco ios xe web ui/17.2.3
- version/cisco ios xe web ui/17.3.1
- version/cisco ios xe web ui/17.3.1a
- version/cisco ios xe web ui/17.3.1w
- version/cisco ios xe web ui/17.3.1x
- version/cisco ios xe web ui/17.3.1z
- version/cisco ios xe web ui/17.3.2
- version/cisco ios xe web ui/17.3.2a
- version/cisco ios xe web ui/17.3.3
- version/cisco ios xe web ui/17.3.4
- version/cisco ios xe web ui/17.3.4a
- version/cisco ios xe web ui/17.3.4b
- version/cisco ios xe web ui/17.3.4c
- version/cisco ios xe web ui/17.3.5
- version/cisco ios xe web ui/17.3.5a
- version/cisco ios xe web ui/17.3.5b
- version/cisco ios xe web ui/17.3.6
- version/cisco ios xe web ui/17.3.7
- version/cisco ios xe web ui/17.3.8
- version/cisco ios xe web ui/17.3.8a
- version/cisco ios xe web ui/17.4.1
- version/cisco ios xe web ui/17.4.1a
- version/cisco ios xe web ui/17.4.1b
- version/cisco ios xe web ui/17.4.2
- version/cisco ios xe web ui/17.4.2a
- version/cisco ios xe web ui/17.5.1
- version/cisco ios xe web ui/17.5.1a
- version/cisco ios xe web ui/17.6.1
- version/cisco ios xe web ui/17.6.1a
- version/cisco ios xe web ui/17.6.1w
- version/cisco ios xe web ui/17.6.1x
- version/cisco ios xe web ui/17.6.1y
- version/cisco ios xe web ui/17.6.1z
- version/cisco ios xe web ui/17.6.1z1
- version/cisco ios xe web ui/17.6.2
- version/cisco ios xe web ui/17.6.3
- version/cisco ios xe web ui/17.6.3a
- version/cisco ios xe web ui/17.6.4
- version/cisco ios xe web ui/17.6.5
- version/cisco ios xe web ui/17.6.5a
- version/cisco ios xe web ui/17.6.6
- version/cisco ios xe web ui/17.6.6a
- version/cisco ios xe web ui/17.6.7
- version/cisco ios xe web ui/17.7.1
- version/cisco ios xe web ui/17.7.1a
- version/cisco ios xe web ui/17.7.1b
- version/cisco ios xe web ui/17.7.2
- version/cisco ios xe web ui/17.8.1
- version/cisco ios xe web ui/17.8.1a
- version/cisco ios xe web ui/17.9.1
- version/cisco ios xe web ui/17.9.1a
- version/cisco ios xe web ui/17.9.1w
- version/cisco ios xe web ui/17.9.1x
- version/cisco ios xe web ui/17.9.1x1
- version/cisco ios xe web ui/17.9.1y
- version/cisco ios xe web ui/17.9.1y1
- version/cisco ios xe web ui/17.9.2
- version/cisco ios xe web ui/17.9.2a
- version/cisco ios xe web ui/17.9.3
- version/cisco ios xe web ui/17.9.3a
- version/cisco ios xe web ui/17.9.4
- version/cisco ios xe web ui/17.9.4a
- version/cisco ios xe web ui/17.9.5
- version/cisco ios xe web ui/17.9.5a
- version/cisco ios xe web ui/17.9.5b
- version/cisco ios xe web ui/17.10.1
- version/cisco ios xe web ui/17.10.1a
- version/cisco ios xe web ui/17.10.1b
- version/cisco ios xe web ui/17.11.1
- version/cisco ios xe web ui/17.11.1a
- version/cisco ios xe web ui/17.11.99sw
- version/cisco ios xe web ui/17.12.1
- version/cisco ios xe web ui/17.12.1a
- version/cisco ios xe web ui/17.12.1w
- version/cisco ios xe web ui/17.12.1x
- version/cisco ios xe web ui/17.12.1y
- version/cisco ios xe web ui/17.12.2
- version/cisco ios xe web ui/17.12.2a
- version/cisco ios xe web ui/17.12.3
- version/cisco ios xe web ui/17.12.3a
- version/cisco ios xe web ui/17.13.1
- version/cisco ios xe web ui/17.13.1a
- version/cisco ios xe web ui/17.14.1
- version/cisco ios xe web ui/17.14.1a