The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. Cisco Bug IDs: CSCsm45390, CSCuw77959.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HCisco 1000 Integrated Services Router
HWCiscowszystkie wersjeCisco 1100 4g Integrated Services Router
HWCiscowszystkie wersjeCisco 1100 4gltegb Integrated Services Router
HWCiscowszystkie wersjeCisco 1100 4gltena Integrated Services Router
HWCiscowszystkie wersjeCisco 1100 4p Integrated Services Router
HWCiscowszystkie wersjeCisco 1100 6g Integrated Services Router
HWCiscowszystkie wersjeCisco 1100 8p Integrated Services Router
HWCiscowszystkie wersjeCisco 1100 Integrated Services Router
HWCiscowszystkie wersjeCisco 1100 Lte Integrated Services Router
HWCiscowszystkie wersjeCisco 1101 4p Integrated Services Router
HWCiscowszystkie wersjeCisco 1101 Integrated Services Router
HWCiscowszystkie wersjeCisco 1109 2p Integrated Services Router
HWCiscowszystkie wersjeCisco 1109 4p Integrated Services Router
HWCiscowszystkie wersjeCisco 1109 Integrated Services Router
HWCiscowszystkie wersjeCisco 1111x 8p Integrated Services Router
HWCiscowszystkie wersjeCisco 1111x Integrated Services Router
HWCiscowszystkie wersjeCisco 111x Integrated Services Router
HWCiscowszystkie wersjeCisco 1120 Integrated Services Router
HWCiscowszystkie wersjeCisco 1131 Integrated Services Router
HWCiscowszystkie wersjeCisco 1160 Integrated Services Router
HWCiscowszystkie wersjeCisco 1801 Integrated Service Router
HWCiscowszystkie wersjeCisco 1802 Integrated Service Router
HWCiscowszystkie wersjeCisco 1803 Integrated Service Router
HWCiscowszystkie wersjeCisco 1811 Integrated Service Router
HWCiscowszystkie wersjeCisco 1812 Integrated Service Router
HWCiscowszystkie wersjeCisco 1841 Integrated Service Router
HWCiscowszystkie wersjeCisco 1861 Integrated Service Router
HWCiscowszystkie wersjeCisco 1905 Integrated Services Router
HWCiscowszystkie wersjeCisco 1906c Integrated Services Router
HWCiscowszystkie wersjeCisco 1921 Integrated Services Router
HWCiscowszystkie wersje
CISA KEV — detailsi
- Vendori
- Cisco ↗
- Producti
- IOS and IOS XE Software
- Added to KEVi
- March 3, 2022
- Remediation deadline (US Federal)i
- March 24, 2022(overdue)
Apply updates per vendor instructions.
The Dynamic Host Configuration Protocol (DHCP) relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system.
Related vulnerabilities
A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execu...
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an un...
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE S...
RCE w web services Cisco ASA, FTD, IOS, IOS XE, IOS XR przez HTTP
A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote ...