Cisco ASA: CVE-2023-20081: Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IPv6 DHCP (DHCPv6) Client Denial of Service Vulnerability

发布于3月6日3月6日

Members

Cisco ASA: CVE-2023-20081: Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IPv6 DHCP (DHCPv6) Client Denial of Service Vulnerability

Severity

CVSS

(AV:N/AC:H/Au:N/C:N/I:N/A:C)

Published

03/22/2023

Created

04/04/2023

Added

04/03/2023

Modified

01/22/2025

Description

A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of DHCPv6 messages. An attacker could exploit this vulnerability by sending crafted DHCPv6 messages to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: To successfully exploit this vulnerability, the attacker would need to either control the DHCPv6 server or be in a man-in-the-middle position.

Solution(s)

cisco-asa-update-latest

References

https://attackerkb.com/topics/cve-2023-20081
CVE - 2023-20081
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftdios-dhcpv6-cli-Zf3zTv
cisco-sa-asaftdios-dhcpv6-cli-Zf3zTv

查看数 700
已创建 3月6日3月6日
最后回复 3月6日3月6日

https://www.ishack.org/topic/9923.html/

粉丝

转到主题列表

登录

Cisco ASA: CVE-2023-20081: Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IPv6 DHCP (DHCPv6) Client Denial of Service Vulnerability

recommended_posts

Cisco ASA: CVE-2023-20081: Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IPv6 DHCP (DHCPv6) Client Denial of Service Vulnerability

Description

Solution(s)

References

欢迎来到红帽社区

社区动态

红龙逆向工具箱2025最新版(ISHACK改良版)

修改底部版权信息

ips4.7升级到5.x版本问题。

IPS Invision Community 经常自动退出登录解决

网站程序安装中文语言包时没有中文选项？Debian中文包

帐户

导航

搜索