CVE-2019-6473
6.5
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An invalid hostname option can trigger an assertion failure in the Kea DHCPv4 server process (kea-dhcp4), causing the server process to exit. Versions affected: 1.4.0 to 1.5.0, 1.6.0-beta1, and 1.6.0-beta2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ISC | Kea | 1.4.0 to 1.5.0 | affected |
| ISC | Kea | 1.6.0-beta1 | affected |
| ISC | Kea | 1.6.0-beta2 | affected |
Weaknesses
- An attacker who is able to deliberately exploit this vulnerability can cause the kea-dhcp4 server to stop executing, resulting in denial of service to clients. Only the DHCPv4 service is affected by this vulnerability.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.