CVE-2023-20176

A vulnerability in the networking component of Cisco access point (AP) software could allow an unauthenticated, remote attacker to cause a temporary disruption of service. This vulnerability is due to overuse of AP resources. An attacker could exploit this vulnerability by connecting to an AP on an affected device as a wireless client and sending a high rate of traffic over an extended period of time. A successful exploit could allow the attacker to cause the Datagram TLS (DTLS) session to tear down and reset, causing a denial of service (DoS) condition.

CVSS v3 5.8 MEDIUM

5.8^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope CHANGED

References

Link	Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-click-ap-dos-wdcXkvnQ	Vendor Advisory
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-click-ap-dos-wdcXkvnQ	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:cisco:catalyst_9166_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9166:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:cisco:catalyst_9164_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9164:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:cisco:catalyst_9136_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9136:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:cisco:catalyst_9130_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:cisco:catalyst_9124_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:40

Type	Values Removed	Values Added
References	~~() https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-click-ap-dos-wdcXkvnQ - Vendor Advisory~~	() https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-click-ap-dos-wdcXkvnQ - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~8.6~~	v2 : unknown v3 : 5.8

02 Oct 2023, 18:55

Type	Values Removed	Values Added
CPE		cpe:2.3:o:cisco:catalyst_9166_firmware:::::::: cpe:2.3:h:cisco:catalyst_9166:-:::::::* cpe:2.3:h:cisco:catalyst_9136:-:::::::* cpe:2.3:h:cisco:catalyst_9124:-:::::::* cpe:2.3:o:cisco:catalyst_9164_firmware:::::::: cpe:2.3:o:cisco:catalyst_9136_firmware:::::::: cpe:2.3:h:cisco:catalyst_9164:-:::::::* cpe:2.3:h:cisco:catalyst_9130:-:::::::* cpe:2.3:o:cisco:catalyst_9124_firmware:::::::: cpe:2.3:o:cisco:catalyst_9130_firmware::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 8.6
References	~~(MISC) https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-click-ap-dos-wdcXkvnQ -~~	(MISC) https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-click-ap-dos-wdcXkvnQ - Vendor Advisory
First Time		Cisco catalyst 9124 Cisco catalyst 9166 Cisco catalyst 9136 Cisco catalyst 9130 Cisco catalyst 9130 Firmware Cisco Cisco catalyst 9136 Firmware Cisco catalyst 9164 Firmware Cisco catalyst 9166 Firmware Cisco catalyst 9164 Cisco catalyst 9124 Firmware
CWE		CWE-400

27 Sep 2023, 18:31

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-09-27 18:15

Updated : 2024-11-21 07:40

NVD link : CVE-2023-20176

Mitre link : CVE-2023-20176

CVE.ORG link : CVE-2023-20176

JSON object : View

Products Affected

cisco

catalyst_9136_firmware
catalyst_9166
catalyst_9130_firmware
catalyst_9166_firmware
catalyst_9164
catalyst_9124_firmware
catalyst_9130
catalyst_9124
catalyst_9164_firmware
catalyst_9136

CWE

CWE-400

Uncontrolled Resource Consumption

5.8 /10