Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2023-20187
HistorySep 27, 2023 - 6:15 p.m.

CVE-2023-20187

2023-09-2718:15:11
CWE-823
[email protected]
web.nvd.nist.gov
cisco
asr 1000
vulnerability
dos
mlre
ipv6
multicast

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.0%

JSON

A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.

This vulnerability is due to incorrect handling of certain IPv6 multicast packets when they are fanned out more than seven times on an affected device. An attacker could exploit this vulnerability by sending a specific IPv6 multicast or IPv6 multicast VPN (MVPNv6) packet through the affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition.

Affected configurations

NVD
Node
ciscoios_xeMatch3.7.1s
OR
ciscoios_xeMatch3.7.2s
OR
ciscoios_xeMatch3.7.2ts
OR
ciscoios_xeMatch3.7.3s
OR
ciscoios_xeMatch3.7.4s
OR
ciscoios_xeMatch3.7.5s
OR
ciscoios_xeMatch3.7.6s
OR
ciscoios_xeMatch3.7.7s
OR
ciscoios_xeMatch3.8.0s
OR
ciscoios_xeMatch3.8.1s
OR
ciscoios_xeMatch3.8.2s
OR
ciscoios_xeMatch3.9.0s
OR
ciscoios_xeMatch3.9.1s
OR
ciscoios_xeMatch3.9.2s
OR
ciscoios_xeMatch3.10.0s
OR
ciscoios_xeMatch3.10.1s
OR
ciscoios_xeMatch3.10.1xbs
OR
ciscoios_xeMatch3.10.2s
OR
ciscoios_xeMatch3.10.3s
OR
ciscoios_xeMatch3.10.4s
OR
ciscoios_xeMatch3.10.5s
OR
ciscoios_xeMatch3.10.6s
OR
ciscoios_xeMatch3.10.7s
OR
ciscoios_xeMatch3.10.8as
OR
ciscoios_xeMatch3.10.8s
OR
ciscoios_xeMatch3.10.9s
OR
ciscoios_xeMatch3.10.10s
OR
ciscoios_xeMatch3.11.0s
OR
ciscoios_xeMatch3.11.1s
OR
ciscoios_xeMatch3.11.2s
OR
ciscoios_xeMatch3.11.3s
OR
ciscoios_xeMatch3.11.4s
OR
ciscoios_xeMatch3.12.0s
OR
ciscoios_xeMatch3.12.1s
OR
ciscoios_xeMatch3.12.2s
OR
ciscoios_xeMatch3.12.3s
OR
ciscoios_xeMatch3.12.4s
OR
ciscoios_xeMatch3.13.0s
OR
ciscoios_xeMatch3.13.1s
OR
ciscoios_xeMatch3.13.2as
OR
ciscoios_xeMatch3.13.2s
OR
ciscoios_xeMatch3.13.3s
OR
ciscoios_xeMatch3.13.4s
OR
ciscoios_xeMatch3.13.5as
OR
ciscoios_xeMatch3.13.5s
OR
ciscoios_xeMatch3.13.6as
OR
ciscoios_xeMatch3.13.6s
OR
ciscoios_xeMatch3.13.7s
OR
ciscoios_xeMatch3.13.8s
OR
ciscoios_xeMatch3.13.9s
OR
ciscoios_xeMatch3.13.10s
OR
ciscoios_xeMatch3.14.0s
OR
ciscoios_xeMatch3.14.1s
OR
ciscoios_xeMatch3.14.2s
OR
ciscoios_xeMatch3.14.3s
OR
ciscoios_xeMatch3.14.4s
OR
ciscoios_xeMatch3.15.0s
OR
ciscoios_xeMatch3.15.1s
OR
ciscoios_xeMatch3.15.2s
OR
ciscoios_xeMatch3.15.3s
OR
ciscoios_xeMatch3.15.4s
OR
ciscoios_xeMatch3.16.0s
OR
ciscoios_xeMatch3.16.1as
OR
ciscoios_xeMatch3.16.2bs
OR
ciscoios_xeMatch3.16.2s
OR
ciscoios_xeMatch3.16.3s
OR
ciscoios_xeMatch3.16.4as
OR
ciscoios_xeMatch3.16.4bs
OR
ciscoios_xeMatch3.16.5s
OR
ciscoios_xeMatch3.16.6bs
OR
ciscoios_xeMatch3.16.6s
OR
ciscoios_xeMatch3.16.7as
OR
ciscoios_xeMatch3.16.7bs
OR
ciscoios_xeMatch3.16.7s
OR
ciscoios_xeMatch3.16.8s
OR
ciscoios_xeMatch3.16.9s
OR
ciscoios_xeMatch3.16.10s
OR
ciscoios_xeMatch3.17.0s
OR
ciscoios_xeMatch3.17.1as
OR
ciscoios_xeMatch3.17.1s
OR
ciscoios_xeMatch3.17.2s
OR
ciscoios_xeMatch3.17.3s
OR
ciscoios_xeMatch3.17.4s
OR
ciscoios_xeMatch16.2.1
OR
ciscoios_xeMatch16.2.2
OR
ciscoios_xeMatch16.3.1
OR
ciscoios_xeMatch16.3.1a
OR
ciscoios_xeMatch16.3.2
OR
ciscoios_xeMatch16.3.3
OR
ciscoios_xeMatch16.3.4
OR
ciscoios_xeMatch16.3.5
OR
ciscoios_xeMatch16.3.6
OR
ciscoios_xeMatch16.3.7
OR
ciscoios_xeMatch16.3.8
OR
ciscoios_xeMatch16.3.9
OR
ciscoios_xeMatch16.3.10
OR
ciscoios_xeMatch16.3.11
OR
ciscoios_xeMatch16.4.1
OR
ciscoios_xeMatch16.4.2
OR
ciscoios_xeMatch16.4.3
OR
ciscoios_xeMatch16.5.1
OR
ciscoios_xeMatch16.5.1b
OR
ciscoios_xeMatch16.5.2
OR
ciscoios_xeMatch16.5.3
OR
ciscoios_xeMatch16.6.1
OR
ciscoios_xeMatch16.6.2
OR
ciscoios_xeMatch16.6.3
OR
ciscoios_xeMatch16.6.4
OR
ciscoios_xeMatch16.6.5
OR
ciscoios_xeMatch16.6.6
OR
ciscoios_xeMatch16.6.7
OR
ciscoios_xeMatch16.6.8
OR
ciscoios_xeMatch16.6.9
OR
ciscoios_xeMatch16.6.10
OR
ciscoios_xeMatch16.7.1
OR
ciscoios_xeMatch16.7.2
OR
ciscoios_xeMatch16.7.3
OR
ciscoios_xeMatch16.8.1
OR
ciscoios_xeMatch16.8.1s
OR
ciscoios_xeMatch16.8.2
OR
ciscoios_xeMatch16.8.3
OR
ciscoios_xeMatch16.9.1
OR
ciscoios_xeMatch16.9.1s
OR
ciscoios_xeMatch16.9.2
OR
ciscoios_xeMatch16.9.3
OR
ciscoios_xeMatch16.9.4
OR
ciscoios_xeMatch16.9.5
OR
ciscoios_xeMatch16.9.6
OR
ciscoios_xeMatch16.9.7
OR
ciscoios_xeMatch16.9.8
OR
ciscoios_xeMatch16.10.1
OR
ciscoios_xeMatch16.10.1a
OR
ciscoios_xeMatch16.10.1e
OR
ciscoios_xeMatch16.10.1s
OR
ciscoios_xeMatch16.10.2
OR
ciscoios_xeMatch16.10.3
OR
ciscoios_xeMatch16.11.1
OR
ciscoios_xeMatch16.11.1a
OR
ciscoios_xeMatch16.11.1s
OR
ciscoios_xeMatch16.11.2
OR
ciscoios_xeMatch16.12.1
OR
ciscoios_xeMatch16.12.1a
OR
ciscoios_xeMatch16.12.1c
OR
ciscoios_xeMatch16.12.1s
OR
ciscoios_xeMatch16.12.2
OR
ciscoios_xeMatch16.12.2s
OR
ciscoios_xeMatch16.12.3
OR
ciscoios_xeMatch16.12.3s
OR
ciscoios_xeMatch16.12.4
OR
ciscoios_xeMatch16.12.5
OR
ciscoios_xeMatch16.12.6
OR
ciscoios_xeMatch16.12.7
OR
ciscoios_xeMatch16.12.8
OR
ciscoios_xeMatch17.1.1
OR
ciscoios_xeMatch17.1.1s
OR
ciscoios_xeMatch17.1.1t
OR
ciscoios_xeMatch17.1.3
OR
ciscoios_xeMatch17.2.1
OR
ciscoios_xeMatch17.2.1r
OR
ciscoios_xeMatch17.2.1v
OR
ciscoios_xeMatch17.2.2
OR
ciscoios_xeMatch17.2.3
OR
ciscoios_xeMatch17.3.1
OR
ciscoios_xeMatch17.3.1a
OR
ciscoios_xeMatch17.3.2
OR
ciscoios_xeMatch17.3.3
OR
ciscoios_xeMatch17.3.4
OR
ciscoios_xeMatch17.3.4a
OR
ciscoios_xeMatch17.3.5
OR
ciscoios_xeMatch17.3.6
OR
ciscoios_xeMatch17.3.7
OR
ciscoios_xeMatch17.4.1
OR
ciscoios_xeMatch17.4.1a
OR
ciscoios_xeMatch17.4.1b
OR
ciscoios_xeMatch17.4.2
OR
ciscoios_xeMatch17.5.1
OR
ciscoios_xeMatch17.5.1a
OR
ciscoios_xeMatch17.5.1b
OR
ciscoios_xeMatch17.5.1c
OR
ciscoios_xeMatch17.6.1
OR
ciscoios_xeMatch17.6.1a
OR
ciscoios_xeMatch17.6.2
OR
ciscoios_xeMatch17.6.3
OR
ciscoios_xeMatch17.6.3a
OR
ciscoios_xeMatch17.6.4
OR
ciscoios_xeMatch17.6.5
OR
ciscoios_xeMatch17.7.1
OR
ciscoios_xeMatch17.7.1a
OR
ciscoios_xeMatch17.7.2
OR
ciscoios_xeMatch17.8.1
OR
ciscoios_xeMatch17.8.1a
OR
ciscoios_xeMatch17.9.1
OR
ciscoios_xeMatch17.9.1a
OR
ciscoios_xeMatch17.9.2
OR
ciscoios_xeMatch17.9.2a
OR
ciscoios_xeMatch17.9.3
OR
ciscoios_xeMatch17.9.3a
OR
ciscoios_xeMatch17.10.1
OR
ciscoios_xeMatch17.10.1a
OR
ciscoios_xeMatch17.11.1
OR
ciscoios_xeMatch17.11.1a
AND
ciscoasr1000-esp100Match-
OR
ciscoasr1000-esp200Match-
OR
ciscoasr1000-esp40Match-
OR
ciscoasr1001-hxMatch-
OR
ciscoasr1001-xMatch-
OR
ciscoasr1002-hxMatch-
OR
ciscoasr1002-xMatch-

Related

cvelist 1
cve 1
cisco 1
prion 1
cvelist
cvelist
CVE-2023-20187
2023-09-27 17:19:44
cve
cve
CVE-2023-20187
2023-09-27 18:15:11
cisco
cisco
Cisco IOS XE Software for ASR 1000 Series Aggregation Services Routers IPv6 Multicast Denial of Service Vulnerability
2023-09-27 16:00:00
prion
prion
Race condition
2023-09-27 18:15:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.0%

JSON
Related for NVD:CVE-2023-20187
cvelist1cve1cisco1prion1