CVE-2026-20084Uncontrolled Resource Consumption in Cisco IOS XE Software

CWE-400Uncontrolled Resource Consumption4 documents4 sources
Severity
8.6HIGHNVD
EPSS
0.1%
top 65.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS XE Software
Timeline
PublishedMar 25

Description

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded between VLANs, resulting in a denial of service (DoS) condition. This vulnerability is due to improper handling of BOOTP packets on Cisco Catalyst 9000 Series Switches. An attacker could exploit this vulnerability by sending BOOTP request packets to an affected device. A successful exploit could allow an attacker to forward BOOTP packets fro

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 3.9 | Impact: 4.0

Affected Packages1 packages

CVEListV5cisco/cisco_ios_xe_software107 versions+106

🔴Vulnerability Details

2
CVEList
CVE-2026-20084: A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be for2026-03-25
GHSA
GHSA-m8vf-g949-jwr2: A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be for2026-03-25

📋Vendor Advisories

1
Cisco
Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability2026-03-25
CVE-2026-20084 — Uncontrolled Resource Consumption | cvebase