First published: Thu Sep 24 2020
A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service (DoS) condition.

The vulnerability is due to insufficient error handling when DHCP version 4 (DHCPv4) messages are parsed. An attacker could exploit this vulnerability by sending a malicious DHCPv4 message to or through a WAN interface of an affected device. A successful exploit could allow the attacker to cause a reload of the affected device.

Note: On Cisco cBR-8 Converged Broadband Routers, all of the following are considered WAN interfaces:

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-dhcp-dos-JSCKX43h

This advisory is part of the September 24, 2020, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 25 Cisco Security Advisories that describe 34 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2020 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication.
Credit: This vulnerability was found during the resolution of a Cisco TAC support case.
Affected Software | Affected Version | How to fix
---|---|---
Cisco cBR-8 Converged Broadband Routers | |
The severity of cisco-sa-iosxe-dhcp-dos-JSCKX43h is classified as high due to its potential for denial of service.
To fix cisco-sa-iosxe-dhcp-dos-JSCKX43h, apply the recommended software updates provided by Cisco for the affected IOS XE Software.
Cisco cBR-8 Converged Broadband Routers running IOS XE Software are affected by cisco-sa-iosxe-dhcp-dos-JSCKX43h.
The impact of cisco-sa-iosxe-dhcp-dos-JSCKX43h is that it can lead to a denial of service condition, causing the supervisor to crash.
Yes, cisco-sa-iosxe-dhcp-dos-JSCKX43h can be exploited by unauthenticated remote attackers.