A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition.
This vulnerability is due to improper memory management. An attacker could exploit this vulnerability by sending a series of network requests to an affected device. A successful exploit could allow the attacker to cause the wncd process to consume available memory and eventually cause the device to reload, resulting in a DoS condition.
References
Link | Resource |
---|---|
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-wncd-HFGMsfSD | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
06 Oct 2023, 13:14
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios_xe:17.9.1x1:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios_xe:17.9.2:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios_xe:17.9.1w:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9162:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios_xe:17.9.1y:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9124e:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios_xe:17.9.2b:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9166d1:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:iw9167ih-x-ap:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9124d:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:iw9167eh-x-wgb:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:iw9167eh-x-urwb:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9166:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9136:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9124i:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9105i:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9164:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios_xe:17.10.1:*:*:*:*:*:*:* cpe:2.3:h:cisco:iw9167eh-x-ap:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios_xe:17.9.1a:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9105w:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios_xe:17.9.1x:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios_xe:17.9.2a:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios_xe:17.10.1b:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios_xe:17.10.1a:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios_xe:17.9.1:*:*:*:*:*:*:* |
|
First Time |
Cisco catalyst 9166
Cisco catalyst 9800-l Cisco iw9167eh-x-urwb Cisco catalyst 9120 Cisco catalyst 9136 Cisco catalyst 9800-cl Cisco catalyst 9130 Cisco catalyst 9115 Cisco iw9167eh-x-wgb Cisco Cisco catalyst 9800-80 Cisco iw9167ih-x-ap Cisco catalyst 9124d Cisco catalyst 9162 Cisco iw9167eh-x-ap Cisco esw6300 Cisco catalyst 9105w Cisco catalyst 9105i Cisco catalyst 9166d1 Cisco catalyst 9800-40 Cisco catalyst Iw6300 Cisco catalyst 9124i Cisco ios Xe Cisco catalyst 9124e Cisco catalyst 9164 |
|
CWE | NVD-CWE-noinfo | |
References | (MISC) https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-wncd-HFGMsfSD - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
27 Sep 2023, 18:31
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-27 18:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-20202
Mitre link : CVE-2023-20202
CVE.ORG link : CVE-2023-20202
JSON object : View
Products Affected
cisco
- iw9167ih-x-ap
- iw9167eh-x-urwb
- catalyst_9115
- catalyst_9130
- iw9167eh-x-ap
- catalyst_iw6300
- catalyst_9800-cl
- catalyst_9166
- catalyst_9162
- catalyst_9124i
- ios_xe
- esw6300
- catalyst_9800-l
- catalyst_9124e
- catalyst_9105w
- catalyst_9120
- catalyst_9164
- catalyst_9136
- catalyst_9166d1
- iw9167eh-x-wgb
- catalyst_9105i
- catalyst_9124d
- catalyst_9800-40
- catalyst_9800-80
CWE