DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN.
Metrics
Affected Vendors & Products
References
History
Thu, 07 Nov 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
threat_severity
|
threat_severity
|
Tue, 22 Oct 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
threat_severity
|
MITRE
Status: PUBLISHED
Assigner: cisa-cg
Published: 2024-05-06T18:31:21.217Z
Updated: 2024-08-28T19:09:06.995Z
Reserved: 2024-04-11T17:24:22.637Z
Link: CVE-2024-3661
Vulnrichment
Updated: 2024-08-01T20:20:00.420Z
NVD
Status : Awaiting Analysis
Published: 2024-05-06T19:15:11.027
Modified: 2024-11-21T09:30:07.610
Link: CVE-2024-3661
Redhat