All the vulnerabilites related to cisco - catalyst_9800_embedded_wireless_controller_firmware
Vulnerability from fkie_nvd
Published
2023-09-27 18:15
Modified
2024-12-12 18:15
Severity ?
4.7 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
4.7 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
4.7 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Summary
A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device.
This vulnerability is due to insufficient management of resources when handling certain types of traffic. An attacker could exploit this vulnerability by sending a series of specific wireless packets to an affected device. A successful exploit could allow the attacker to consume resources on an affected device. A sustained attack could lead to the disruption of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel and intermittent loss of wireless client traffic.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A084C31F-54F0-444E-A2F0-817F1C8B3BFE",
"versionEndExcluding": "8.10.190.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_embedded_wireless_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "649DA1E0-2F09-4855-9715-9574FC28287B",
"versionEndExcluding": "17.3.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_embedded_wireless_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2179D2-0545-4DEB-8B56-16299D22E171",
"versionEndExcluding": "17.6.6",
"versionStartIncluding": "17.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_embedded_wireless_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53EA3BC3-D2DF-48E4-AEBB-B4DE252F1D9D",
"versionEndExcluding": "17.9.4",
"versionStartIncluding": "17.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800_embedded_wireless_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78706517-83F4-4D44-A6EC-B78ADCEABAC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:business_150ax_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E877AC2A-766E-476C-8173-F31BBB32C7CE",
"versionEndExcluding": "10.6.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:business_150ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB2B555E-1523-4C62-A91D-EE1F3F1200EC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:business_151axm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B98D3109-7D15-4736-890A-A4798C4CF08D",
"versionEndExcluding": "10.6.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:business_151axm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8760865B-4AB3-4A1A-960D-FF6974A7AC06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device.\u0026nbsp;\r\n\r\nThis vulnerability is due to insufficient management of resources when handling certain types of traffic. An attacker could exploit this vulnerability by sending a series of specific wireless packets to an affected device. A successful exploit could allow the attacker to consume resources on an affected device. A sustained attack could lead to the disruption of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel and intermittent loss of wireless client traffic."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad de procesamiento de paquetes del software del punto de acceso (AP) de Cisco podr\u00eda permitir que un atacante adyacente no autenticado agote los recursos de un dispositivo afectado. Esta vulnerabilidad se debe a una gesti\u00f3n insuficiente de los recursos a la hora de gestionar determinados tipos de tr\u00e1fico. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una serie de paquetes inal\u00e1mbricos espec\u00edficos a un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante consumir recursos en un dispositivo afectado. Un ataque sostenido podr\u00eda provocar la interrupci\u00f3n del t\u00fanel de control y aprovisionamiento de puntos de acceso inal\u00e1mbricos (CAPWAP) y la p\u00e9rdida intermitente de tr\u00e1fico de clientes inal\u00e1mbricos."
}
],
"id": "CVE-2023-20268",
"lastModified": "2024-12-12T18:15:21.377",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-09-27T18:15:11.827",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-capwap-DDMCZS4m"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-capwap-DDMCZS4m"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2023-20268
Vulnerability from cvelistv5
Published
2023-09-27 17:22
Modified
2024-12-12 17:19
Severity ?
EPSS score ?
Summary
A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device.
This vulnerability is due to insufficient management of resources when handling certain types of traffic. An attacker could exploit this vulnerability by sending a series of specific wireless packets to an affected device. A successful exploit could allow the attacker to consume resources on an affected device. A sustained attack could lead to the disruption of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel and intermittent loss of wireless client traffic.
References
Impacted products
| Vendor | Product | Version | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Cisco | Cisco Aironet Access Point Software |
Version: 8.3.135.0 Version: 8.3.140.0 Version: 8.8.111.0 Version: 8.5.151.0 Version: 8.3.104.46 Version: 8.10.121.0 Version: 8.4.1.218 Version: 8.3.122.0 Version: 8.8.100.0 Version: 8.3.131.0 Version: 8.5.140.0 Version: 8.3.132.0 Version: 8.5.100.0 Version: 8.5.103.0 Version: 8.3.133.0 Version: 8.3.150.0 Version: 8.5.101.0 Version: 8.5.105.0 Version: 8.10.122.0 Version: 8.8.130.0 Version: 8.10.112.0 Version: 8.3.143.0 Version: 8.8.120.0 Version: 8.9.111.0 Version: 8.5.102.0 Version: 8.5.161.0 Version: 8.3.121.0 Version: 8.9.100.0 Version: 8.10.111.0 Version: 8.2.170.0 Version: 8.2.163.0 Version: 8.10.130.0 Version: 8.10.105.0 Version: 8.6.101.0 Version: 8.3.104.64 Version: 8.3.15.117 Version: 8.5.110.0 Version: 8.2.161.0 Version: 8.4.1.199 Version: 8.4.100.0 Version: 8.5.131.0 Version: 8.7.1.16 Version: 8.4.1.175 Version: 8.3.141.0 Version: 8.3.108.0 Version: 8.2.111.0 Version: 8.5.135.0 Version: 8.2.160.0 Version: 8.5.120.0 Version: 8.6.1.84 Version: 8.7.106.0 Version: 8.6.1.70 Version: 8.3.90.36 Version: 8.10.113.0 Version: 8.7.102.0 Version: 8.2.130.0 Version: 8.3.130.0 Version: 8.2.110.0 Version: 8.3.15.142 Version: 8.3.111.0 Version: 8.4.1.142 Version: 8.6.1.71 Version: 8.3.104.14 Version: 8.8.125.0 Version: 8.3.112.0 Version: 8.2.151.0 Version: 8.3.90.53 Version: 8.3.102.0 Version: 8.2.166.0 Version: 8.2.164.0 Version: 8.5.160.0 Version: 8.3.15.165 Version: 8.4.2.75 Version: 8.3.90.58 Version: 8.3.90.25 Version: 8.2.141.0 Version: 8.3.90.11 Version: 8.3.15.169 Version: 8.3.15.158 Version: 8.3.15.25 Version: 8.3.104.37 Version: 8.4.1.91 Version: 8.2.100.0 Version: 8.2.121.0 Version: 8.3.15.120 Version: 8.3.15.118 Version: 8.4.1.92 Version: 8.3.200.200 Version: 8.10.141.0 Version: 8.10.142.0 Version: 8.5.171.0 Version: 8.10.150.0 Version: 8.10.151.0 Version: 8.5.164.0 Version: 8.10.161.0 Version: 8.10.162.0 Version: 8.5.182.0 Version: 8.10.171.0 Version: 8.10.170.0 Version: 8.10.180.0 Version: 8.10.181.0 Version: 8.10.182.0 Version: 8.10.183.0 Version: 8.10.185.0 Version: 8.5.182.11 ME |
||||||||
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:36.874Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-ap-dos-capwap-DDMCZS4m",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-capwap-DDMCZS4m"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Aironet Access Point Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "8.3.135.0"
},
{
"status": "affected",
"version": "8.3.140.0"
},
{
"status": "affected",
"version": "8.8.111.0"
},
{
"status": "affected",
"version": "8.5.151.0"
},
{
"status": "affected",
"version": "8.3.104.46"
},
{
"status": "affected",
"version": "8.10.121.0"
},
{
"status": "affected",
"version": "8.4.1.218"
},
{
"status": "affected",
"version": "8.3.122.0"
},
{
"status": "affected",
"version": "8.8.100.0"
},
{
"status": "affected",
"version": "8.3.131.0"
},
{
"status": "affected",
"version": "8.5.140.0"
},
{
"status": "affected",
"version": "8.3.132.0"
},
{
"status": "affected",
"version": "8.5.100.0"
},
{
"status": "affected",
"version": "8.5.103.0"
},
{
"status": "affected",
"version": "8.3.133.0"
},
{
"status": "affected",
"version": "8.3.150.0"
},
{
"status": "affected",
"version": "8.5.101.0"
},
{
"status": "affected",
"version": "8.5.105.0"
},
{
"status": "affected",
"version": "8.10.122.0"
},
{
"status": "affected",
"version": "8.8.130.0"
},
{
"status": "affected",
"version": "8.10.112.0"
},
{
"status": "affected",
"version": "8.3.143.0"
},
{
"status": "affected",
"version": "8.8.120.0"
},
{
"status": "affected",
"version": "8.9.111.0"
},
{
"status": "affected",
"version": "8.5.102.0"
},
{
"status": "affected",
"version": "8.5.161.0"
},
{
"status": "affected",
"version": "8.3.121.0"
},
{
"status": "affected",
"version": "8.9.100.0"
},
{
"status": "affected",
"version": "8.10.111.0"
},
{
"status": "affected",
"version": "8.2.170.0"
},
{
"status": "affected",
"version": "8.2.163.0"
},
{
"status": "affected",
"version": "8.10.130.0"
},
{
"status": "affected",
"version": "8.10.105.0"
},
{
"status": "affected",
"version": "8.6.101.0"
},
{
"status": "affected",
"version": "8.3.104.64"
},
{
"status": "affected",
"version": "8.3.15.117"
},
{
"status": "affected",
"version": "8.5.110.0"
},
{
"status": "affected",
"version": "8.2.161.0"
},
{
"status": "affected",
"version": "8.4.1.199"
},
{
"status": "affected",
"version": "8.4.100.0"
},
{
"status": "affected",
"version": "8.5.131.0"
},
{
"status": "affected",
"version": "8.7.1.16"
},
{
"status": "affected",
"version": "8.4.1.175"
},
{
"status": "affected",
"version": "8.3.141.0"
},
{
"status": "affected",
"version": "8.3.108.0"
},
{
"status": "affected",
"version": "8.2.111.0"
},
{
"status": "affected",
"version": "8.5.135.0"
},
{
"status": "affected",
"version": "8.2.160.0"
},
{
"status": "affected",
"version": "8.5.120.0"
},
{
"status": "affected",
"version": "8.6.1.84"
},
{
"status": "affected",
"version": "8.7.106.0"
},
{
"status": "affected",
"version": "8.6.1.70"
},
{
"status": "affected",
"version": "8.3.90.36"
},
{
"status": "affected",
"version": "8.10.113.0"
},
{
"status": "affected",
"version": "8.7.102.0"
},
{
"status": "affected",
"version": "8.2.130.0"
},
{
"status": "affected",
"version": "8.3.130.0"
},
{
"status": "affected",
"version": "8.2.110.0"
},
{
"status": "affected",
"version": "8.3.15.142"
},
{
"status": "affected",
"version": "8.3.111.0"
},
{
"status": "affected",
"version": "8.4.1.142"
},
{
"status": "affected",
"version": "8.6.1.71"
},
{
"status": "affected",
"version": "8.3.104.14"
},
{
"status": "affected",
"version": "8.8.125.0"
},
{
"status": "affected",
"version": "8.3.112.0"
},
{
"status": "affected",
"version": "8.2.151.0"
},
{
"status": "affected",
"version": "8.3.90.53"
},
{
"status": "affected",
"version": "8.3.102.0"
},
{
"status": "affected",
"version": "8.2.166.0"
},
{
"status": "affected",
"version": "8.2.164.0"
},
{
"status": "affected",
"version": "8.5.160.0"
},
{
"status": "affected",
"version": "8.3.15.165"
},
{
"status": "affected",
"version": "8.4.2.75"
},
{
"status": "affected",
"version": "8.3.90.58"
},
{
"status": "affected",
"version": "8.3.90.25"
},
{
"status": "affected",
"version": "8.2.141.0"
},
{
"status": "affected",
"version": "8.3.90.11"
},
{
"status": "affected",
"version": "8.3.15.169"
},
{
"status": "affected",
"version": "8.3.15.158"
},
{
"status": "affected",
"version": "8.3.15.25"
},
{
"status": "affected",
"version": "8.3.104.37"
},
{
"status": "affected",
"version": "8.4.1.91"
},
{
"status": "affected",
"version": "8.2.100.0"
},
{
"status": "affected",
"version": "8.2.121.0"
},
{
"status": "affected",
"version": "8.3.15.120"
},
{
"status": "affected",
"version": "8.3.15.118"
},
{
"status": "affected",
"version": "8.4.1.92"
},
{
"status": "affected",
"version": "8.3.200.200"
},
{
"status": "affected",
"version": "8.10.141.0"
},
{
"status": "affected",
"version": "8.10.142.0"
},
{
"status": "affected",
"version": "8.5.171.0"
},
{
"status": "affected",
"version": "8.10.150.0"
},
{
"status": "affected",
"version": "8.10.151.0"
},
{
"status": "affected",
"version": "8.5.164.0"
},
{
"status": "affected",
"version": "8.10.161.0"
},
{
"status": "affected",
"version": "8.10.162.0"
},
{
"status": "affected",
"version": "8.5.182.0"
},
{
"status": "affected",
"version": "8.10.171.0"
},
{
"status": "affected",
"version": "8.10.170.0"
},
{
"status": "affected",
"version": "8.10.180.0"
},
{
"status": "affected",
"version": "8.10.181.0"
},
{
"status": "affected",
"version": "8.10.182.0"
},
{
"status": "affected",
"version": "8.10.183.0"
},
{
"status": "affected",
"version": "8.10.185.0"
},
{
"status": "affected",
"version": "8.5.182.11 ME"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Aironet Access Point Software (IOS XE Controller)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "17.1.1t"
},
{
"status": "affected",
"version": "16.10.1s"
},
{
"status": "affected",
"version": "16.10.1"
},
{
"status": "affected",
"version": "17.3.1"
},
{
"status": "affected",
"version": "16.11.1b"
},
{
"status": "affected",
"version": "17.1.2"
},
{
"status": "affected",
"version": "17.1.1"
},
{
"status": "affected",
"version": "16.12.4"
},
{
"status": "affected",
"version": "17.2.2"
},
{
"status": "affected",
"version": "16.12.3"
},
{
"status": "affected",
"version": "16.11.1a"
},
{
"status": "affected",
"version": "16.12.2t"
},
{
"status": "affected",
"version": "16.10.1e"
},
{
"status": "affected",
"version": "16.11.1"
},
{
"status": "affected",
"version": "16.11.1c"
},
{
"status": "affected",
"version": "17.1.1s"
},
{
"status": "affected",
"version": "16.12.3s"
},
{
"status": "affected",
"version": "16.12.1s"
},
{
"status": "affected",
"version": "16.12.1t"
},
{
"status": "affected",
"version": "16.12.2s"
},
{
"status": "affected",
"version": "17.2.1"
},
{
"status": "affected",
"version": "17.2.1a"
},
{
"status": "affected",
"version": "16.12.1"
},
{
"status": "affected",
"version": "17.1.3"
},
{
"status": "affected",
"version": "17.3.2a"
},
{
"status": "affected",
"version": "16.12.5"
},
{
"status": "affected",
"version": "17.3.2"
},
{
"status": "affected",
"version": "17.4.1"
},
{
"status": "affected",
"version": "16.12.4a"
},
{
"status": "affected",
"version": "17.3.3"
},
{
"status": "affected",
"version": "17.2.3"
},
{
"status": "affected",
"version": "17.5.1"
},
{
"status": "affected",
"version": "17.4.2"
},
{
"status": "affected",
"version": "17.3.5"
},
{
"status": "affected",
"version": "17.3.4"
},
{
"status": "affected",
"version": "16.12.6"
},
{
"status": "affected",
"version": "17.6.1"
},
{
"status": "affected",
"version": "17.7.1"
},
{
"status": "affected",
"version": "17.6.2"
},
{
"status": "affected",
"version": "16.12.6a"
},
{
"status": "affected",
"version": "17.3.4c"
},
{
"status": "affected",
"version": "16.12.7"
},
{
"status": "affected",
"version": "17.3.5a"
},
{
"status": "affected",
"version": "17.6.3"
},
{
"status": "affected",
"version": "17.8.1"
},
{
"status": "affected",
"version": "17.9.1"
},
{
"status": "affected",
"version": "16.12.8"
},
{
"status": "affected",
"version": "17.6.4"
},
{
"status": "affected",
"version": "17.3.5b"
},
{
"status": "affected",
"version": "17.3.6"
},
{
"status": "affected",
"version": "17.10.1"
},
{
"status": "affected",
"version": "17.9.2"
},
{
"status": "affected",
"version": "17.6.5"
},
{
"status": "affected",
"version": "17.3.7"
},
{
"status": "affected",
"version": "17.9.3"
},
{
"status": "affected",
"version": "17.11.1"
},
{
"status": "affected",
"version": "17.6.6"
},
{
"status": "affected",
"version": "17.3.8"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Business Wireless Access Point Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.3.1.0"
},
{
"status": "affected",
"version": "10.0.1.0"
},
{
"status": "affected",
"version": "10.2.1.0"
},
{
"status": "affected",
"version": "10.1.1.0"
},
{
"status": "affected",
"version": "10.3.1.1"
},
{
"status": "affected",
"version": "10.4.1.0"
},
{
"status": "affected",
"version": "10.6.1.0"
},
{
"status": "affected",
"version": "10.1.2.0"
},
{
"status": "affected",
"version": "10.0.2.0"
},
{
"status": "affected",
"version": "10.7.1.0"
},
{
"status": "affected",
"version": "10.2.2.0"
},
{
"status": "affected",
"version": "0.0.0.0"
},
{
"status": "affected",
"version": "10.3.2.0"
},
{
"status": "affected",
"version": "10.4.2.0"
},
{
"status": "affected",
"version": "10.8.1.0"
},
{
"status": "affected",
"version": "10.5.2.0"
},
{
"status": "affected",
"version": "10.9.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device.\u0026nbsp;\r\n\r\nThis vulnerability is due to insufficient management of resources when handling certain types of traffic. An attacker could exploit this vulnerability by sending a series of specific wireless packets to an affected device. A successful exploit could allow the attacker to consume resources on an affected device. A sustained attack could lead to the disruption of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel and intermittent loss of wireless client traffic."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Uncontrolled Resource Consumption",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-12T17:19:02.520Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ap-dos-capwap-DDMCZS4m",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-capwap-DDMCZS4m"
}
],
"source": {
"advisory": "cisco-sa-ap-dos-capwap-DDMCZS4m",
"defects": [
"CSCwe75371"
],
"discovery": "INTERNAL"
},
"title": "Cisco Access Point Software Uncontrolled Resource Consumption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20268",
"datePublished": "2023-09-27T17:22:55.840Z",
"dateReserved": "2022-10-27T18:47:50.373Z",
"dateUpdated": "2024-12-12T17:19:02.520Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}