CVE-2023-20080
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
23/03/2023
Last modified:
07/11/2023
Description
A vulnerability in the IPv6 DHCP version 6 (DHCPv6) relay and server features of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to insufficient validation of data boundaries. An attacker could exploit this vulnerability by sending crafted DHCPv6 messages to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:cisco:ios:12.2\(6\)i1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:15.1\(2\)sg:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:15.1\(2\)sg1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:15.1\(2\)sg2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:15.1\(2\)sg3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:15.1\(2\)sg4:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:15.1\(2\)sg5:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:15.1\(2\)sg6:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:15.1\(2\)sg7:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:15.1\(2\)sg8:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:15.1\(2\)sy1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:15.1\(2\)sy2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:15.1\(2\)sy3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:15.1\(2\)sy4:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:15.1\(2\)sy4a:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page