Vulnerabilites related to cisco - catalyst_9136_firmware
Vulnerability from fkie_nvd
Published
2023-03-23 17:15
Modified
2024-11-21 07:40
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this vulnerability by sending a wireless 802.11 association request frame with crafted parameters to an affected device. A successful exploit could allow the attacker to cause an unexpected reload of an affected device, resulting in a DoS condition.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:business_150ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "53461D22-32D2-4DE1-AD92-7973EC5B205B", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:business_150ax:-:*:*:*:*:*:*:*", matchCriteriaId: "AB2B555E-1523-4C62-A91D-EE1F3F1200EC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:business_151axm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5A020A23-9AD6-4543-A859-3830EBB12296", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:business_151axm:-:*:*:*:*:*:*:*", matchCriteriaId: "8760865B-4AB3-4A1A-960D-FF6974A7AC06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9105ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AEAD0137-380A-42A1-8292-9923CCD36FEA", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9105ax:-:*:*:*:*:*:*:*", matchCriteriaId: "C76DACE3-7D3B-4FE6-8567-0C9D43FF7A7E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9105axi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9D31EFF0-1179-47AA-9D6E-1C9760F5A9EC", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*", matchCriteriaId: "19F93DF4-67DB-4B30-AC22-60C67DF32DB2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9105axw_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D301BE7A-4A6A-48B1-8CF2-2FB930D47DB2", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*", matchCriteriaId: "59C77B06-3C22-4092-AAAB-DB099A0B16A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9105i_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "70D701B8-21F8-4286-B31F-C4CC18FF3B07", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9105i:-:*:*:*:*:*:*:*", matchCriteriaId: "93510CF6-232E-4FBD-BF01-79070306FB97", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9105w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9CC5C951-CA0B-445D-B340-D1D6ECD94A59", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9105w:-:*:*:*:*:*:*:*", matchCriteriaId: "77BE20A3-964E-46D3-ACA2-B53A175027D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9115_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F837E8E-7B45-4D1C-8AD6-A40E60BB5CD0", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*", matchCriteriaId: "4081C532-3B10-4FBF-BB22-5BA17BC6FCF8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9115ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "37255F5F-CB34-469E-A323-59914D7540CF", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9115ax:-:*:*:*:*:*:*:*", matchCriteriaId: "36E2B891-4F41-4D0D-BAA2-0256C0565BDE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9115axe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "591778EC-0772-44E4-B021-54B1B3504E83", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*", matchCriteriaId: "DE4C56A6-E843-498A-A17B-D3D1B01E70E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9115axi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E0D5E598-481E-449A-9971-179687EB9592", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*", matchCriteriaId: "F050F416-44C3-474C-9002-321A33F288D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9117_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "51F49A92-966B-4269-9E35-7A28A86685A6", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*", matchCriteriaId: "6FCE2220-E2E6-4A17-9F0A-2C927FAB4AA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9117ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7AD186AA-430B-4F51-AAB0-9D869EAD586C", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9117ax:-:*:*:*:*:*:*:*", matchCriteriaId: "BA8798F4-35BB-4F81-9385-B0274BFAAF15", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9117axi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B540968A-C15E-4DAC-AEAE-4A0218600194", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*", matchCriteriaId: "7A699C5C-CD03-4263-952F-5074B470F20E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E55F958F-C3DC-4DAF-8EE5-C55562224DA2", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*", matchCriteriaId: "A47C2D6F-8F90-4D74-AFE1-EAE954021F46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9120ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1794D85C-A7E4-4959-A3F8-0F15BD4D30D1", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9120ax:-:*:*:*:*:*:*:*", matchCriteriaId: "5889AFA2-752E-4EDD-A837-5C003025B25C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9120axe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "588A0484-72B4-479C-9EA3-D427979BAAAB", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*", matchCriteriaId: "46D41CFE-784B-40EE-9431-8097428E5892", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9120axi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A7A404E6-04C8-48C3-8D86-866969BEFA63", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*", matchCriteriaId: "5D148A27-85B6-4883-96B5-343C8D32F23B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9120axp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3D7445C6-7A24-454A-8129-C4F3EEB38130", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*", matchCriteriaId: "735CA950-672C-4787-8910-48AD07868FDE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9124_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5A5860B4-186D-460F-9C36-D3031D927AB1", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*", matchCriteriaId: "C11EF240-7599-4138-B7A7-17E4479F5B83", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9124ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6BB68FAD-4F8C-4228-99C4-6EDFFAF5242D", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9124ax:-:*:*:*:*:*:*:*", matchCriteriaId: "53852300-C1D2-4F84-B8DA-4EDBCB374075", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9124axd_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FBB23E27-C004-4932-8690-1ECE1F4981B9", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*", matchCriteriaId: "E987C945-4D6D-4BE5-B6F0-784B7E821D11", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9124axi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7147FDD8-9B32-46E3-8537-0E8BEFFA4893", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*", matchCriteriaId: "B434C6D7-F583-4D2B-9275-38A5EC4ECC30", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9130_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3D612055-BDA4-49E2-9F31-1E434685BB83", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*", matchCriteriaId: "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9130ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61148FE7-059D-47B6-92B6-14187ED5B65A", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9130ax:-:*:*:*:*:*:*:*", matchCriteriaId: "5CADEB5A-5147-4420-A825-BAB07BD60AA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9130axe_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "457919D4-12E5-4E31-B29C-A2798B711D0D", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*", matchCriteriaId: "4EC1F736-6240-4FA2-9FEC-D8798C9D287C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9130axi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B49F389-8F3E-421C-8C6B-FD05EAD6ED34", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*", matchCriteriaId: "169E5354-07EA-4639-AB4B-20D2B9DE784C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9136_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F409EED4-899A-4C4C-B919-2C5E6F96A738", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9136:-:*:*:*:*:*:*:*", matchCriteriaId: "09185C81-6FDF-4E6D-B8F7-E4B5D77909F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9162_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "17541D5B-1F7D-4F99-92D1-2A2709F2D12E", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9162:-:*:*:*:*:*:*:*", matchCriteriaId: "C9347227-9FA8-46B6-96EF-713543376296", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9164_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8A85B807-FE69-4445-9846-1C50BFD0D4E1", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9164:-:*:*:*:*:*:*:*", matchCriteriaId: "96E81F0A-5B5C-4DD3-A56F-C7BF53D4B070", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9166_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D76C0984-493A-4875-AACF-20870DF5DD7C", versionEndExcluding: "10.3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9166:-:*:*:*:*:*:*:*", matchCriteriaId: "774AEB3E-5D6A-4E66-B0B4-C014A7C180E6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this vulnerability by sending a wireless 802.11 association request frame with crafted parameters to an affected device. A successful exploit could allow the attacker to cause an unexpected reload of an affected device, resulting in a DoS condition.", }, ], id: "CVE-2023-20112", lastModified: "2024-11-21T07:40:34.933", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4, source: "ykramarz@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-03-23T17:15:15.267", references: [ { source: "ykramarz@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-assoc-dos-D2SunWK2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-assoc-dos-D2SunWK2", }, ], sourceIdentifier: "ykramarz@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-126", }, ], source: "ykramarz@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-09-27 18:15
Modified
2024-11-21 07:40
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the networking component of Cisco access point (AP) software could allow an unauthenticated, remote attacker to cause a temporary disruption of service.
This vulnerability is due to overuse of AP resources. An attacker could exploit this vulnerability by connecting to an AP on an affected device as a wireless client and sending a high rate of traffic over an extended period of time. A successful exploit could allow the attacker to cause the Datagram TLS (DTLS) session to tear down and reset, causing a denial of service (DoS) condition.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
cisco | catalyst_9166_firmware | * | |
cisco | catalyst_9166 | - | |
cisco | catalyst_9164_firmware | * | |
cisco | catalyst_9164 | - | |
cisco | catalyst_9136_firmware | * | |
cisco | catalyst_9136 | - | |
cisco | catalyst_9130_firmware | * | |
cisco | catalyst_9130 | - | |
cisco | catalyst_9124_firmware | * | |
cisco | catalyst_9124 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9166_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C9E58B3F-A839-40D2-94E8-DBBA4233CB6A", versionEndExcluding: "17.6.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9166:-:*:*:*:*:*:*:*", matchCriteriaId: "774AEB3E-5D6A-4E66-B0B4-C014A7C180E6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9164_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "674A6482-211F-43C7-BB67-4B0DBEB08E2F", versionEndExcluding: "17.6.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9164:-:*:*:*:*:*:*:*", matchCriteriaId: "96E81F0A-5B5C-4DD3-A56F-C7BF53D4B070", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9136_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "02DBA4EC-6404-467A-A862-5CF3704CA8CF", versionEndExcluding: "17.6.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9136:-:*:*:*:*:*:*:*", matchCriteriaId: "09185C81-6FDF-4E6D-B8F7-E4B5D77909F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9130_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "396ED75A-FF33-4AE5-BE9F-DBFD111532CF", versionEndExcluding: "17.6.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*", matchCriteriaId: "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9124_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "51EEDFEA-1E40-471B-8B2E-363C248F816E", versionEndExcluding: "17.6.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*", matchCriteriaId: "C11EF240-7599-4138-B7A7-17E4479F5B83", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the networking component of Cisco access point (AP) software could allow an unauthenticated, remote attacker to cause a temporary disruption of service.\r\n\r This vulnerability is due to overuse of AP resources. An attacker could exploit this vulnerability by connecting to an AP on an affected device as a wireless client and sending a high rate of traffic over an extended period of time. A successful exploit could allow the attacker to cause the Datagram TLS (DTLS) session to tear down and reset, causing a denial of service (DoS) condition.", }, { lang: "es", value: "Una vulnerabilidad en el componente de red del software del punto de acceso (AP) de Cisco podría permitir que un atacante remoto no autenticado cause una interrupción temporal del servicio. Esta vulnerabilidad se debe al uso excesivo de los recursos AP. Un atacante podría aprovechar esta vulnerabilidad conectándose a un AP en un dispositivo afectado como cliente inalámbrico y enviando una alta tasa de tráfico durante un período prolongado de tiempo. Un exploit exitoso podría permitir al atacante provocar que la sesión de Datagram TLS (DTLS) se interrumpa y se reinicie, provocando una condición de denegación de servicio (DoS).", }, ], id: "CVE-2023-20176", lastModified: "2024-11-21T07:40:45.027", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "ykramarz@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-09-27T18:15:10.923", references: [ { source: "ykramarz@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-click-ap-dos-wdcXkvnQ", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-click-ap-dos-wdcXkvnQ", }, ], sourceIdentifier: "ykramarz@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "ykramarz@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-400", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2023-20176
Vulnerability from cvelistv5
Published
2023-09-27 17:25
Modified
2024-08-02 09:05
Severity ?
EPSS score ?
Summary
A vulnerability in the networking component of Cisco access point (AP) software could allow an unauthenticated, remote attacker to cause a temporary disruption of service.
This vulnerability is due to overuse of AP resources. An attacker could exploit this vulnerability by connecting to an AP on an affected device as a wireless client and sending a high rate of traffic over an extended period of time. A successful exploit could allow the attacker to cause the Datagram TLS (DTLS) session to tear down and reset, causing a denial of service (DoS) condition.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Cisco | Cisco Aironet Access Point Software |
Version: 8.10.170.0 |
||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:05:34.976Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "cisco-sa-click-ap-dos-wdcXkvnQ", tags: [ "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-click-ap-dos-wdcXkvnQ", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Cisco Aironet Access Point Software", vendor: "Cisco", versions: [ { status: "affected", version: "8.10.170.0", }, ], }, { product: "Cisco Aironet Access Point Software (IOS XE Controller)", vendor: "Cisco", versions: [ { status: "affected", version: "16.10.1e", }, { status: "affected", version: "16.10.1", }, { status: "affected", version: "17.1.1t", }, { status: "affected", version: "17.1.1s", }, { status: "affected", version: "17.1.1", }, { status: "affected", version: "16.11.1a", }, { status: "affected", version: "16.11.1", }, { status: "affected", version: "16.11.1c", }, { status: "affected", version: "16.11.1b", }, { status: "affected", version: "16.12.1s", }, { status: "affected", version: "16.12.4", }, { status: "affected", version: "16.12.1", }, { status: "affected", version: "16.12.2s", }, { status: "affected", version: "16.12.1t", }, { status: "affected", version: "16.12.4a", }, { status: "affected", version: "16.12.5", }, { status: "affected", version: "16.12.3", }, { status: "affected", version: "16.12.6", }, { status: "affected", version: "16.12.8", }, { status: "affected", version: "16.12.7", }, { status: "affected", version: "16.12.6a", }, { status: "affected", version: "17.3.1", }, { status: "affected", version: "17.3.2a", }, { status: "affected", version: "17.3.3", }, { status: "affected", version: "17.3.2", }, { status: "affected", version: "17.3.4c", }, { status: "affected", version: "17.3.5a", }, { status: "affected", version: "17.3.6", }, { status: "affected", version: "17.2.1", }, { status: "affected", version: "17.2.1a", }, { status: "affected", version: "17.2.3", }, { status: "affected", version: "17.2.2", }, { status: "affected", version: "17.5.1", }, { status: "affected", version: "17.4.1", }, { status: "affected", version: "17.4.2", }, { status: "affected", version: "17.6.1", }, { status: "affected", version: "17.6.2", }, { status: "affected", version: "17.6.3", }, { status: "affected", version: "17.6.4", }, { status: "affected", version: "17.6.5", }, { status: "affected", version: "17.7.1", }, { status: "affected", version: "17.8.1", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability in the networking component of Cisco access point (AP) software could allow an unauthenticated, remote attacker to cause a temporary disruption of service.\r\n\r This vulnerability is due to overuse of AP resources. An attacker could exploit this vulnerability by connecting to an AP on an affected device as a wireless client and sending a high rate of traffic over an extended period of time. A successful exploit could allow the attacker to cause the Datagram TLS (DTLS) session to tear down and reset, causing a denial of service (DoS) condition.", }, ], exploits: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", version: "3.1", }, format: "cvssV3_1", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "Uncontrolled Resource Consumption", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-25T16:57:49.991Z", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "cisco-sa-click-ap-dos-wdcXkvnQ", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-click-ap-dos-wdcXkvnQ", }, ], source: { advisory: "cisco-sa-click-ap-dos-wdcXkvnQ", defects: [ "CSCwb56120", ], discovery: "EXTERNAL", }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20176", datePublished: "2023-09-27T17:25:00.473Z", dateReserved: "2022-10-27T18:47:50.363Z", dateUpdated: "2024-08-02T09:05:34.976Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20112
Vulnerability from cvelistv5
Published
2023-03-23 00:00
Modified
2024-10-25 16:02
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this vulnerability by sending a wireless 802.11 association request frame with crafted parameters to an affected device. A successful exploit could allow the attacker to cause an unexpected reload of an affected device, resulting in a DoS condition.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Cisco | Cisco Aironet Access Point Software |
Version: n/a |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.895Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230322 Cisco Access Point Software Association Request Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-assoc-dos-D2SunWK2", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20112", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:35:52.092551Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T16:02:04.798Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Aironet Access Point Software ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-03-22T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this vulnerability by sending a wireless 802.11 association request frame with crafted parameters to an affected device. A successful exploit could allow the attacker to cause an unexpected reload of an affected device, resulting in a DoS condition.", }, ], exploits: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-126", description: "CWE-126", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-23T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230322 Cisco Access Point Software Association Request Denial of Service Vulnerability", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-assoc-dos-D2SunWK2", }, ], source: { advisory: "cisco-sa-ap-assoc-dos-D2SunWK2", defect: [ [ "CSCwb04244", ], ], discovery: "INTERNAL", }, title: "Cisco Access Point Software Association Request Denial of Service Vulnerability", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20112", datePublished: "2023-03-23T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T16:02:04.798Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }