Описание
Cisco IOS XE 3.8S(.2) and earlier does not properly use a DHCP pool during assignment of an IP address, which allows remote authenticated users to cause a denial of service (device reload) via an AAA packet that triggers an address requirement, aka Bug ID CSCuh04949.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.8s\(.2\) (включая)
Одно из
cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:3.7.0s:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:3.7.1s:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:3.7.2s:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:3.8.0s:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:3.8s\(.0\):*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:3.8s\(.1\):*:*:*:*:*:*:*
EPSS
Процентиль: 52%
0.00296
Низкий
6.3 Medium
CVSS2
Дефекты
CWE-399
Связанные уязвимости
github
больше 3 лет назад
Cisco IOS XE 3.8S(.2) and earlier does not properly use a DHCP pool during assignment of an IP address, which allows remote authenticated users to cause a denial of service (device reload) via an AAA packet that triggers an address requirement, aka Bug ID CSCuh04949.
EPSS
Процентиль: 52%
0.00296
Низкий
6.3 Medium
CVSS2
Дефекты
CWE-399