CVE-2024-3661

low

Description

DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN.

References

Details

Source: Mitre, NVD

Published: 2024-05-06

Updated: 2025-01-15

Named Vulnerability: TunnelVision

Risk Information

CVSS v2

Base Score: 7.3

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:P/A:P

Severity: High

CVSS v3

Base Score: 7.6

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

Severity: High

CVSS v4

Base Score: 2.1

Vector: CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Severity: Low

EPSS

EPSS: 0.00817