How severe is CVE-2024-20480?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.6 out of 10.

What type of vulnerability is CVE-2024-20480?

This is classified as CWE-783, which is a common weakness in software security.

CVE-2024-20480 - HIGH Severity | CVSS 8.6

Vulnerability Description

A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could allow an unauthenticated, remote attacker to cause high CPU utilization on an affected device, resulting in a denial of service (DoS) condition that requires a manual reload to recover. This vulnerability is due to improper handling of IPv4 DHCP packets. An attacker could exploit this vulnerability by sending certain IPv4 DHCP packets to an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition that requires a manual reload to recover.

Related Vulnerabilities

CVE-2024-20314

HIGH

CVSS:8.6(High)

A vulnerability in the IPv4 Software-Defined Access (SD-Access) fabric edge node feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization and stop...

CWE-7832024

CVE-2024-31335

HIGH

CVSS:8.4(High)

In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no a...

CWE-7832024

CVE-2022-20477

HIGH

CVSS:7.8(High)

In shouldHideNotification of KeyguardNotificationVisibilityProvider.kt, there is a possible way to show hidden notifications due to a logic error in the code. This could lead to local escalation of pr...

CWE-7832022

CVE-2024-31326

HIGH

CVSS:7.8(High)

In multiple locations, there is a possible way in which policy migration code will never be executed due to a logic error in the code. This could lead to local escalation of privilege with no addition...

CWE-7832024

CVE-2024-31331

HIGH

CVSS:7.8(High)

In setMimeGroup of PackageManagerService.java, there is a possible way to hide the service from Settings due to a logic error in the code. This could lead to local escalation of privilege with User ex...

CWE-7832024

CVE-2024-34726

HIGH

CVSS:7.8(High)

In PVRSRV_MMap of pvr_bridge_k.c, there is a possible arbitrary code execution due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execu...

CWE-7832024