A vulnerability was found in Cisco Industrial Network Director (the affected version is unknown) and classified as problematic. Affected by this issue is an unknown code of the component DHCP Service. The manipulation with an unknown input leads to a resource management vulnerability. Using CWE to declare the problem leads to CWE-399. Impacted is availability. CVE summarizes:

A vulnerability in the DHCP service of Cisco Industrial Network Director could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper handling of DHCP lease requests. An attacker could exploit this vulnerability by sending malicious DHCP lease requests to an affected application. A successful exploit could allow the attacker to cause the DHCP service to terminate, resulting in a DoS condition.

The bug was discovered 10/03/2018. The weakness was presented 10/05/2018 as cisco-sa-20181003-ind-dos as confirmed advisory (Website). The advisory is available at tools.cisco.com. This vulnerability is handled as CVE-2018-15392 since 08/17/2018. The attack needs to be initiated within the local network. No form of authentication is required for exploitation. The technical details are unknown and an exploit is not available.

The vulnerability was handled as a non-public zero-day exploit for at least 2 days. During that time the estimated underground price was around $0-$5k.

Upgrading eliminates this vulnerability.

Productinfo

Vendor

• Cisco

Name

• Industrial Network Director

License

• commercial

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion