Cisco IOS Software DHCPv6 Server Implementation Denial of Service Vulnerability

ID CISCO-SA-20150918-CVE-2015-6297
Type cisco
Reporter Cisco
Modified 2015-09-18T04:41:17


A vulnerability in the DHCP version 6 (DHCPv6) server implementation of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

The vulnerability is due to improper handling of crafted DHCPv6 packets. An attacker could exploit this vulnerability by sending crafted DHCPv6 packets to be processed by the affected device. An exploit could allow the attacker to cause a reset of an affected process.

Cisco has confirmed the vulnerability and released software updates.

To exploit this vulnerability a remote attacker does not need to authenticate to pass the crafted DHCPv6 packets to the targeted device. This increases the likelihood of a possible exploit.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.