CVE-2015-0672 — Cisco IOS XR vulnerability

CWE-3994 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

0.4%

top 42.43%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco IOS XR

Timeline

PublishedMar 26

Latest updateMay 17

Description

The DHCPv4 server in Cisco IOS XR 5.2.2 on ASR 9000 devices allows remote attackers to cause a denial of service (service outage) via a flood of crafted DHCP packets, aka Bug ID CSCup67822.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDcisco/ios_xr5.2.2

🔴Vulnerability Details

GHSA

GHSA-q6qc-fcm9-4g8v: The DHCPv4 server in Cisco IOS XR 5↗2022-05-17

▶

CVEList

CVE-2015-0672: The DHCPv4 server in Cisco IOS XR 5↗2015-03-26

▶

📋Vendor Advisories

Cisco

Cisco IOS XR Software DHCPv4 Server Denial of Service Vulnerability↗2015-03-24

▶