Lucene search

[email protected]NVD:CVE-2023-20226

HistorySep 27, 2023 - 6:15 p.m.

CVE-2023-20226

2023-09-2718:15:11

CWE-456

[email protected]

web.nvd.nist.gov

cisco

dos

vulnerability

ios xe software

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.0%

JSON

A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.

This vulnerability is due to the mishandling of a crafted packet stream through the AppQoE or UTD application. An attacker could exploit this vulnerability by sending a crafted packet stream through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Affected configurations

NVD

Node

ciscoios_xeMatch17.7.1

ciscoios_xeMatch17.7.1a

ciscoios_xeMatch17.7.2

ciscoios_xeMatch17.8.1

ciscoios_xeMatch17.8.1a

ciscoios_xeMatch17.9.1

ciscoios_xeMatch17.9.1a

ciscoios_xeMatch17.9.2

ciscoios_xeMatch17.9.2a

ciscoios_xeMatch17.10.1

ciscoios_xeMatch17.10.1a

AND

ciscocatalyst_8000v_edgeMatch-

cisco1100-4g_integrated_services_routerMatch-

cisco1100-4gltegb_integrated_services_routerMatch-

cisco1100-4gltena_integrated_services_routerMatch-

cisco1100-6g_integrated_services_routerMatch-

cisco4221_integrated_services_routerMatch-

cisco4321\/k9-rf_integrated_services_routerMatch-

cisco4321\/k9-ws_integrated_services_routerMatch-

cisco4321\/k9_integrated_services_routerMatch-

cisco4321_integrated_services_routerMatch-

cisco4331\/k9-rf_integrated_services_routerMatch-

cisco4331\/k9-ws_integrated_services_routerMatch-

cisco4331\/k9_integrated_services_routerMatch-

cisco4331_integrated_services_routerMatch-

cisco4351\/k9-rf_integrated_services_routerMatch-

cisco4351\/k9-ws_integrated_services_routerMatch-

cisco4351\/k9_integrated_services_routerMatch-

cisco4351_integrated_services_routerMatch-

cisco4431_integrated_services_routerMatch-

ciscoc8200-1n-4tMatch-

ciscoc8200l-1n-4tMatch-

ciscoc8500l-8s4xMatch-

ciscocatalyst_8300-1n1s-4t2xMatch-

ciscocatalyst_8300-1n1s-6tMatch-

ciscocatalyst_8300-2n2s-4t2xMatch-

ciscocatalyst_8300-2n2s-6tMatch-

ciscocatalyst_ir8340Match-

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appqoe-utd-dos-p8O57p5y

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.0%

JSON

Related for NVD:CVE-2023-20226

prion1 cve1 cvelist1 cisco1 nessus1