CVE-2013-5475

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.2 through 12.4 and 15.0 through 15.3 Cisco IOS XE versions 2.1 through 3.9

Description The issue is related to insufficient input validation in the DHCP implementation, allowing a remote attacker to cause a denial of service condition by sending crafted DHCP packets to an affected device with the DHCP server or DHCP relay feature enabled. This could lead to a reload of the affected device.

Recommendations For Cisco IOS versions 12.2 through 12.4 and 15.0 through 15.3, update to a fixed software version. For Cisco IOS XE versions 2.1 through 3.9, update to a fixed software version. As a general mitigation measure, consider disabling the DHCP server or DHCP relay feature until a patch is applied.