QID 317042
Date Published: 2021-09-20
QID 317042: Cisco Internetwork Operating System (IOS) XR Software Dynamic Host Configuration Protocol (DHCP) Version 4 Server Denial of Service (DoS) Vulnerability (cisco-sa-iosxr-dhcp-dos-pjPVReLU)
A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated,
remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition.
Affected Products
Following Cisco products if they were running Cisco IOS XR Software releases earlier than Release 7.3.2 or earlier than Release 7.4.1 and
had the DHCPv4 server feature or the DHCPv4 proxy feature enabled:
ASR 9000 Series Aggregation Services Routers
IOS XRv 9000 Routers
Network Convergence System (NCS) 540 Series Routers
NCS 560 Series Routers
NCS 5000 Series Routers
NCS 5500 Series Routers
Note: Potential as platform cannot be confirmed.
QID Detection Logic (Authenticated):
The check matches Cisco IOS XR version retrieved via Unix Auth using "show version" command.
A successful exploit could allow the attacker to cause a NULL pointer dereference, resulting in a crash of the dhcpd process.
While the dhcpd process is restarting, which may take up to approximately two minutes, DHCPv4 server services are unavailable on the affected device.
This could temporarily prevent network access to clients that join the network during that time period.
Note: Only the dhcpd process crashes and eventually restarts automatically. The router does not reload.
Customers are advised to refer to cisco-sa-iosxr-dhcp-dos-pjPVReLU for more information.
- cisco-sa-iosxr-dhcp-dos-pjPVReLU -
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-pjPVReLU
CVEs related to QID 317042
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| cisco-sa-iosxr-dhcp-dos-pjPVReLU |
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-pjPVReLU |