Lucene search

[email protected]NVD:CVE-2023-20268

HistorySep 27, 2023 - 6:15 p.m.

CVE-2023-20268

2023-09-2718:15:11

CWE-400

[email protected]

web.nvd.nist.gov

cve-2023-20268

vulnerability

cisco access point

resource exhaustion

unauthenticated attacker

wireless packets

capwap tunnel

wireless client traffic

exploit

sustained attack

CVSS3

4.7

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

AI Score

4.8

Confidence

High

EPSS

Percentile

12.7%

JSON

A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device.

This vulnerability is due to insufficient management of resources when handling certain types of traffic. An attacker could exploit this vulnerability by sending a series of specific wireless packets to an affected device. A successful exploit could allow the attacker to consume resources on an affected device. A sustained attack could lead to the disruption of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel and intermittent loss of wireless client traffic.

Affected configurations

Nvd

Node

ciscowireless_lan_controller_softwareRange<8.10.190.0

Node

ciscocatalyst_9800_embedded_wireless_controller_firmwareRange<17.3.8

ciscocatalyst_9800_embedded_wireless_controller_firmwareRange17.4.0–17.6.6

ciscocatalyst_9800_embedded_wireless_controller_firmwareRange17.8.0–17.9.4

AND

ciscocatalyst_9800_embedded_wireless_controllerMatch-

Node

ciscobusiness_150ax_firmwareRange<10.6.2.0

AND

ciscobusiness_150axMatch-

Node

ciscobusiness_151axm_firmwareRange<10.6.2.0

AND

ciscobusiness_151axmMatch-

VendorProductVersionCPE
ciscowireless_lan_controller_software*cpe:2.3:o:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*
ciscocatalyst_9800_embedded_wireless_controller_firmware*cpe:2.3:o:cisco:catalyst_9800_embedded_wireless_controller_firmware:*:*:*:*:*:*:*:*
ciscocatalyst_9800_embedded_wireless_controller-cpe:2.3:h:cisco:catalyst_9800_embedded_wireless_controller:-:*:*:*:*:*:*:*
ciscobusiness_150ax_firmware*cpe:2.3:o:cisco:business_150ax_firmware:*:*:*:*:*:*:*:*
ciscobusiness_150ax-cpe:2.3:h:cisco:business_150ax:-:*:*:*:*:*:*:*
ciscobusiness_151axm_firmware*cpe:2.3:o:cisco:business_151axm_firmware:*:*:*:*:*:*:*:*
ciscobusiness_151axm-cpe:2.3:h:cisco:business_151axm:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	wireless_lan_controller_software	*	cpe:2.3:o:cisco:wireless_lan_controller_software::::::::
cisco	catalyst_9800_embedded_wireless_controller_firmware	*	cpe:2.3:o:cisco:catalyst_9800_embedded_wireless_controller_firmware::::::::
cisco	catalyst_9800_embedded_wireless_controller	-	cpe:2.3:h:cisco:catalyst_9800_embedded_wireless_controller:-:::::::*
cisco	business_150ax_firmware	*	cpe:2.3:o:cisco:business_150ax_firmware::::::::
cisco	business_150ax	-	cpe:2.3:h:cisco:business_150ax:-:::::::*
cisco	business_151axm_firmware	*	cpe:2.3:o:cisco:business_151axm_firmware::::::::
cisco	business_151axm	-	cpe:2.3:h:cisco:business_151axm:-:::::::*