CVE-2023-20176

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-20176
A vulnerability in the networking component of Cisco access point (AP) software could allow an unauthenticated, remote attacker to cause a temporary disruption of service. This vulnerability is due to overuse of AP resources. An attacker could exploit this vulnerability by connecting to an AP on an affected device as a wireless client and sending a high rate of traffic over an extended period of time. A successful exploit could allow the attacker to cause the Datagram TLS (DTLS) session to tear down and reset, causing a denial of service (DoS) condition.

5.8 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope CHANGED

References
Link Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-click-ap-dos-wdcXkvnQ Vendor Advisory
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-click-ap-dos-wdcXkvnQ Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:cisco:catalyst_9166_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9166:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:cisco:catalyst_9164_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9164:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:cisco:catalyst_9136_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9136:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:cisco:catalyst_9130_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:cisco:catalyst_9124_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*
History

21 Nov 2024, 07:40

Type Values Removed Values Added
References () https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-click-ap-dos-wdcXkvnQ - Vendor Advisory () https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-click-ap-dos-wdcXkvnQ - Vendor Advisory
CVSS v2 : unknown
v3 : 8.6 		v2 : unknown
v3 : 5.8
Information

Published : 2023-09-27 18:15

Updated : 2024-11-21 07:40

NVD link : CVE-2023-20176

Mitre link : CVE-2023-20176

CVE.ORG link : CVE-2023-20176

JSON object : View

Products Affected

cisco

  • catalyst_9136_firmware
  • catalyst_9130_firmware
  • catalyst_9124
  • catalyst_9166
  • catalyst_9164_firmware
  • catalyst_9166_firmware
  • catalyst_9130
  • catalyst_9124_firmware
  • catalyst_9164
  • catalyst_9136
CWE
CWE-400

Uncontrolled Resource Consumption