CVE-2016-6424 — Cisco Adaptive Security Appliance Software vulnerability

CWE-3994 documents4 sources

Severity

6.5MEDIUMNVD

EPSS

0.7%

top 28.29%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Adaptive Security Appliance Software

Timeline

PublishedOct 6

Latest updateMay 14

Description

The DHCP Relay implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4.7.29 and 9.1.7.4 allows remote attackers to cause a denial of service (interface wedge) via a crafted rate of DHCP packet transmission, aka Bug ID CSCuy66942.

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

▶NVDcisco/adaptive_security_appliance_software8.4.7.29, 9.1\(7\)4+1

🔴Vulnerability Details

GHSA

GHSA-mrrg-x8wc-mhcg: The DHCP Relay implementation in Cisco Adaptive Security Appliance (ASA) Software 8↗2022-05-14

▶

CVEList

CVE-2016-6424: The DHCP Relay implementation in Cisco Adaptive Security Appliance (ASA) Software 8↗2016-10-06

▶

📋Vendor Advisories

Cisco

Cisco ASA Software DHCP Relay Denial of Service Vulnerability↗2016-10-05

▶