cbcvebase.
CVE-2023-20112
published 2023-03-23

CVE-2023-20112: A vulnerability in Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an…

medium6.5CVSS 3.1
AVAACLPRNUINSUCNINAH
A vulnerability in Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this vulnerability by sending a wireless 802.11 association request frame with crafted parameters to an affected device. A successful exploit could allow the attacker to cause an unexpected reload of an affected device, resulting in a DoS condition.

Affected

33 ranges· showing 25
VendorProductVersion rangeFixed in
ciscoaccess_point
ciscobusiness_150ax_firmware< 10.3.2.010.3.2.0
ciscobusiness_151axm_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9105ax_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9105axi_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9105axw_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9105i_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9105w_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9115_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9115ax_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9115axe_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9115axi_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9117_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9117ax_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9117axi_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9120_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9120ax_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9120axe_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9120axi_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9120axp_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9124_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9124ax_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9124axd_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9124axi_firmware< 10.3.2.010.3.2.0
ciscocatalyst_9130_firmware< 10.3.2.010.3.2.0