HomePentest-Tools.com Logo

Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability (cisco-sa-20161005-dhcp1) CVE-2015-6392

Severity
CVSSv3 Score
7.5
Vulnerability description

A vulnerability in the implementation of the DHCPv4 relay agent and smart relay agent in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

Risk description

The vulnerability is due to improper validation of crafted DHCPv4 offer packets. An attacker could exploit this vulnerability by sending crafted DHCPv4 offer packets to an affected device. An exploit could allow the attacker to cause the DHCP process or device to crash.

Recommendation

See the referenced vendor advisory for a solution.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Oct 6, 2016
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available