5

CVE-2004-1111

EPSS 2.79%
Published 10.01.2005 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size.

Affected products Warnungen 0 Metrics 2 CWE 0 References 9

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Multiservice Platform 2650

Cisco ≫ Multiservice Platform 2650xm

Cisco ≫ Multiservice Platform 2651

Cisco ≫ Multiservice Platform 2651xm

Cisco ≫ 7200 Router

Cisco ≫ 7300 Router

Cisco ≫ 7500 Router

Cisco ≫ 7600 Router

Cisco ≫ Catalyst 7600 Editionsup720_msfc3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.79%	0.848

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

http://www.ciac.org/ciac/bulletins/p-034.shtml

http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml

http://www.kb.cert.org/vuls/id/630104

Third Party Advisory

US Government Resource

http://www.us-cert.gov/cas/techalerts/TA04-316A.html

US Government Resource

https://exchange.xforce.ibmcloud.com/vulnerabilities/18021

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632

https://nvd.nist.gov/vuln/detail/CVE-2004-1111

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-1111

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-1111

EUVD