CVE-2023-20176

CWE-400Uncontrolled Resource Consumption4 documents4 sources
Severity
8.6HIGH
EPSS
0.1%
top 68.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Cisco Catalyst 9124 FirmwareCisco Catalyst 9130 FirmwareCisco Catalyst 9136 Firmware+4 more
Timeline
PublishedSep 27

Description

A vulnerability in the networking component of Cisco access point (AP) software could allow an unauthenticated, remote attacker to cause a temporary disruption of service. This vulnerability is due to overuse of AP resources. An attacker could exploit this vulnerability by connecting to an AP on an affected device as a wireless client and sending a high rate of traffic over an extended period of time. A successful exploit could allow the attacker to cause the Datagram TLS (DTLS) session to tear

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages7 packages

🔴Vulnerability Details

2
GHSA
GHSA-68hh-p8m2-hpx3: A vulnerability in the networking component of Cisco access point (AP) software could allow an unauthenticated, remote attacker to cause a temporary d2023-09-27
CVEList
CVE-2023-20176: A vulnerability in the networking component of Cisco access point (AP) software could allow an unauthenticated, remote attacker to cause a temporary d2023-09-27

📋Vendor Advisories

1
Cisco
Cisco Catalyst 9100 Access Points Denial of Service Vulnerability2023-09-27
CVE-2023-20176 (HIGH CVSS 8.6) | A vulnerability in the networking c | cvebase.io