Cisco IOS XE DHCP AAA Clients DoS (CSCuh04949)

medium Nessus Plugin ID 76882

Synopsis

The remote device is affected by a denial of service vulnerability.

Description

According to its self-reported version, the remote IOS device is affected by a denial of service vulnerability.

A denial of service flaw exists in the DHCP function when handling AAA client IP address assignment. An authenticated attacker, with a specially crafted AAA packet, could cause the device to reboot.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCuh04949.

See Also

https://tools.cisco.com/security/center/viewAlert.x?alertId=31860

http://www.nessus.org/u?e08811a4

Plugin Details

Severity: Medium

ID: 76882

File Name: cisco-sn-CSCuh04949-iosxe.nasl

Version: 1.9

Type: combined

Family: CISCO

Published: 7/29/2014

Updated: 5/3/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 6.3

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:cisco:ios_xe

Required KB Items: Host/Cisco/IOS-XE/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 11/21/2013

Vulnerability Publication Date: 11/21/2013

Reference Information

CVE: CVE-2013-6692

BID: 63855

CISCO-BUG-ID: CSCuh04949