Lucene search

[email protected]CVE-2023-20202

HistorySep 27, 2023 - 6:15 p.m.

CVE-2023-20202

2023-09-2718:15:11

CWE-789

[email protected]

web.nvd.nist.gov

cisco

ios xe

software

wireless lan controllers

vulnerability

dos

nvd

cve-2023-20202

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

12.9%

JSON

A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition.

This vulnerability is due to improper memory management. An attacker could exploit this vulnerability by sending a series of network requests to an affected device. A successful exploit could allow the attacker to cause the wncd process to consume available memory and eventually cause the device to reload, resulting in a DoS condition.

Affected configurations

NVD

Node

ciscoios_xeMatch17.9.1

ciscoios_xeMatch17.9.1a

ciscoios_xeMatch17.9.1w

ciscoios_xeMatch17.9.1x

ciscoios_xeMatch17.9.1x1

ciscoios_xeMatch17.9.1y

ciscoios_xeMatch17.9.2

ciscoios_xeMatch17.9.2a

ciscoios_xeMatch17.9.2b

ciscoios_xeMatch17.10.1

ciscoios_xeMatch17.10.1a

ciscoios_xeMatch17.10.1b

AND

ciscocatalyst_9105iMatch-

ciscocatalyst_9105wMatch-

ciscocatalyst_9115Match-

ciscocatalyst_9120Match-

ciscocatalyst_9124dMatch-

ciscocatalyst_9124eMatch-

ciscocatalyst_9124iMatch-

ciscocatalyst_9130Match-

ciscocatalyst_9136Match-

ciscocatalyst_9162Match-

ciscocatalyst_9164Match-

ciscocatalyst_9166Match-

ciscocatalyst_9166d1Match-

ciscocatalyst_9800-40Match-

ciscocatalyst_9800-80Match-

ciscocatalyst_9800-clMatch-

ciscocatalyst_9800-lMatch-

ciscocatalyst_iw6300Match-

ciscoesw6300Match-

ciscoiw9167eh-x-apMatch-

ciscoiw9167eh-x-urwbMatch-

ciscoiw9167eh-x-wgbMatch-

ciscoiw9167ih-x-apMatch-

CPENameOperatorVersion
cisco:ios_xecisco ios xeeq17.9.1
cisco:ios_xecisco ios xeeq17.9.1a
cisco:ios_xecisco ios xeeq17.9.1w
cisco:ios_xecisco ios xeeq17.9.1x
cisco:ios_xecisco ios xeeq17.9.1x1
cisco:ios_xecisco ios xeeq17.9.1y
cisco:ios_xecisco ios xeeq17.9.2
cisco:ios_xecisco ios xeeq17.9.2a
cisco:ios_xecisco ios xeeq17.9.2b
cisco:ios_xecisco ios xeeq17.10.1

CPE	Name	Operator	Version
cisco:ios_xe	cisco ios xe	eq	17.9.1
cisco:ios_xe	cisco ios xe	eq	17.9.1a
cisco:ios_xe	cisco ios xe	eq	17.9.1w
cisco:ios_xe	cisco ios xe	eq	17.9.1x
cisco:ios_xe	cisco ios xe	eq	17.9.1x1
cisco:ios_xe	cisco ios xe	eq	17.9.1y
cisco:ios_xe	cisco ios xe	eq	17.9.2
cisco:ios_xe	cisco ios xe	eq	17.9.2a
cisco:ios_xe	cisco ios xe	eq	17.9.2b
cisco:ios_xe	cisco ios xe	eq	17.10.1

Rows per page:

1-10 of 121

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco IOS XE Software",
    "versions": [
      {
        "version": "17.10.1",
        "status": "affected"
      },
      {
        "version": "17.10.1a",
        "status": "affected"
      },
      {
        "version": "17.10.1b",
        "status": "affected"
      },
      {
        "version": "17.9.1",
        "status": "affected"
      },
      {
        "version": "17.9.1w",
        "status": "affected"
      },
      {
        "version": "17.9.2",
        "status": "affected"
      },
      {
        "version": "17.9.1a",
        "status": "affected"
      },
      {
        "version": "17.9.1x",
        "status": "affected"
      },
      {
        "version": "17.9.1y",
        "status": "affected"
      },
      {
        "version": "17.9.2a",
        "status": "affected"
      },
      {
        "version": "17.9.1x1",
        "status": "affected"
      }
    ]
  }
]