CVE-2023-20168: Classic Buffer Overflow in Cisco NX-OS Software

Severity: 6.5 MEDIUM (NVD); 7.1 (CNA)
EPSS: 0.1% (top 70.95%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Aug 23

Description

A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local attacker to cause an affected device to unexpectedly reload. This vulnerability is due to incorrect input validation when processing an authentication attempt if the directed request option is enabled for TACACS+ or RADIUS. An attacker could exploit this vulnerability by entering a crafted string at the login prompt of an affected device. A successful exploit could allow the

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Exploitability: 2.0 | Impact: 4.0

Affected Packages (2 packages)

CVEListV5: cisco/cisco_nx-os_software (344 versions)
NVD: cisco/nx-os 10.2(5), 9.3(11) and 1 more

Vulnerability Details (2)

CVEList: CVE-2023-20168 (2023-08-23), same description as above
GHSA: GHSA-fgh5-3xv7-c973 (2023-08-23), same description as above

Vendor Advisories (1)

Cisco: Cisco NX-OS Software TACACS+ or RADIUS Remote Authentication Directed Request Denial of Service Vulnerability (2023-08-23)