CVSS 3.1 base score (NVD): 7.5

CVE-2021-34737

A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4 messages are improperly validated when they are processed by an affected device. An attacker could exploit this vulnerability by sending a malformed DHCPv4 message to an affected device. A successful exploit could allow the attacker to cause a NULL pointer dereference, resulting in a crash of the dhcpd process. While the dhcpd process is restarting, which may take up to approximately two minutes, DHCPv4 server services are unavailable on the affected device. This could temporarily prevent network access to clients that join the network during that time period. Note: Only the dhcpd process crashes and eventually restarts automatically. The router does not reload.

Data is provided by the National Vulnerability Database (NVD)
Cisco IOS XR Version < 7.3.2
   Cisco ASR 9000v-v2 Version -
   Cisco ASR 9001 Version -
   Cisco ASR 9006 Version -
   Cisco ASR 9010 Version -
   Cisco ASR 9901 Version -
   Cisco ASR 9902 Version -
   Cisco ASR 9903 Version -
   Cisco ASR 9904 Version -
   Cisco ASR 9906 Version -
   Cisco ASR 9910 Version -
   Cisco ASR 9912 Version -
   Cisco ASR 9922 Version -
Cisco IOS XR Version >= 7.4.0 <= 7.4.1
   Cisco ASR 9000v-v2 Version -
   Cisco ASR 9001 Version -
   Cisco ASR 9006 Version -
   Cisco ASR 9010 Version -
   Cisco ASR 9901 Version -
   Cisco ASR 9902 Version -
   Cisco ASR 9903 Version -
   Cisco ASR 9904 Version -
   Cisco ASR 9906 Version -
   Cisco ASR 9910 Version -
   Cisco ASR 9912 Version -
   Cisco ASR 9922 Version -
Cisco IOS XR Version < 7.3.2
   Cisco IOS XRv 9000 Version -
Cisco IOS XR Version >= 7.4.0 <= 7.4.1
   Cisco IOS XRv 9000 Version -
Cisco IOS XR Version < 7.3.2
   Cisco NCS540-12z20g-sys-a Version -
   Cisco NCS540-12z20g-sys-d Version -
   Cisco NCS540-24z8q2c-m Version -
   Cisco NCS540-24z8q2c-sys Version -
   Cisco NCS540-28z4c-sys-a Version -
   Cisco NCS540-28z4c-sys-d Version -
   Cisco NCS540-acc-sys Version -
   Cisco NCS540x-12z16g-sys-a Version -
   Cisco NCS540x-12z16g-sys-d Version -
   Cisco NCS540x-16z4g8q2c-a Version -
   Cisco NCS540x-16z4g8q2c-d Version -
   Cisco NCS540x-acc-sys Version -
Cisco IOS XR Version >= 7.4.0 < 7.4.1
   Cisco NCS540-12z20g-sys-a Version -
   Cisco NCS540-12z20g-sys-d Version -
   Cisco NCS540-24z8q2c-m Version -
   Cisco NCS540-24z8q2c-sys Version -
   Cisco NCS540-28z4c-sys-a Version -
   Cisco NCS540-28z4c-sys-d Version -
   Cisco NCS540-acc-sys Version -
   Cisco NCS540x-12z16g-sys-a Version -
   Cisco NCS540x-12z16g-sys-d Version -
   Cisco NCS540x-16z4g8q2c-a Version -
   Cisco NCS540x-16z4g8q2c-d Version -
   Cisco NCS540x-acc-sys Version -
Cisco IOS XR Version < 7.3.2
   Cisco NCS 5001 Version -
   Cisco NCS 5002 Version -
   Cisco NCS 5011 Version -
Cisco IOS XR Version >= 7.4.0 < 7.4.1
   Cisco NCS 5001 Version -
   Cisco NCS 5002 Version -
   Cisco NCS 5011 Version -
Cisco IOS XR Version < 7.3.2
   Cisco NCS 560-4 Version -
   Cisco NCS 560-7 Version -
Cisco IOS XR Version >= 7.4.0 < 7.4.1
   Cisco NCS 560-4 Version -
   Cisco NCS 560-7 Version -
Cisco IOS XR Version < 7.3.2
   Cisco NCS 5501 Version -
   Cisco NCS 5501-se Version -
   Cisco NCS 5502 Version -
   Cisco NCS 5502-se Version -
   Cisco NCS 5508 Version -
   Cisco NCS 5516 Version -
Cisco IOS XR Version >= 7.4.0 < 7.4.1
   Cisco NCS 5501 Version -
   Cisco NCS 5501-se Version -
   Cisco NCS 5502 Version -
   Cisco NCS 5502-se Version -
   Cisco NCS 5508 Version -
   Cisco NCS 5516 Version -
No CISA KEV entry or CERT.AT warning was found for this CVE.
EPSS metrics

| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.42% | 0.613 |
CVSS metrics

| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| nvd@nist.gov | 5 | 10 | 2.9 | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| psirt@cisco.com | 5.8 | 3.9 | 1.4 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L |

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.