PT-2024-5806 · Cisco · Cisco Nx-Os+1
Published
2024-08-28
·
Updated
2024-08-31
·
CVE-2024-20446
CVSS v3.1
8.6
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Cisco NX-OS Software (affected versions not specified)
Description
A vulnerability in the DHCPv6 relay agent could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This is due to improper handling of specific fields in a DHCPv6 RELAY-REPLY message. An attacker could exploit this by sending a crafted DHCPv6 packet to any IPv6 address configured on an affected device, potentially causing the dhcp snoop process to crash and restart multiple times, leading to a DoS condition.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Nx-Os
Cisco Nexus