CVE-2018-15392

CWE-3994 documents4 sources

Severity

4.3MEDIUM

EPSS

0.1%

top 71.70%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Industrial Network Director Cisco Cisco Industrial Network Director

Timeline

PublishedOct 5

Latest updateMay 13

Description

A vulnerability in the DHCP service of Cisco Industrial Network Director could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper handling of DHCP lease requests. An attacker could exploit this vulnerability by sending malicious DHCP lease requests to an affected application. A successful exploit could allow the attacker to cause the DHCP service to terminate, resulting in a DoS condition.

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

▶NVDcisco/industrial_network_director1.5\(0.3\)

▶CVEListV5cisco/cisco_industrial_network_directorn/a

🔴Vulnerability Details

GHSA

GHSA-rr34-f794-39mj: A vulnerability in the DHCP service of Cisco Industrial Network Director could allow an unauthenticated, adjacent attacker to cause a denial of servic↗2022-05-13

▶

CVEList

Cisco Industrial Network Director DHCP Request Processing Denial of Service Vulnerability↗2018-10-05

▶

📋Vendor Advisories

Cisco

Cisco Industrial Network Director DHCP Request Processing Denial of Service Vulnerability↗2018-10-03

▶