Vulnerability-Lookup

BDU:2023-06267

Vulnerability from fstec - Published: 27.09.2023

Title

Уязвимость функции обработки пакетов микропрограммного обеспечения точек доступа Cisco Aironet Access Points (AP), позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость функции обработки пакетов микропрограммного обеспечения точек доступа Cisco Aironet Access Points (AP) связана с неконтролируемым расходом ресурсов. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании

Severity ?


                    
                      AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Vendor

Cisco Systems Inc.

Software Name

Integrated AP on 1100 Integrated Services Routers, Cisco Embedded Services 6300 Series APs, Catalyst 9100 APs, Catalyst IW6300 Heavy Duty Series APs, Aironet 1540 Series APs, Aironet 1560 Series APs, Aironet 1800 Series APs, Aironet 2800 Series APs, Aironet 3800 Series APs, Aironet 4800 APs, Cisco Business 150 AP, Cisco Business 151 Mesh Extender

Software Version

- (Integrated AP on 1100 Integrated Services Routers), до 17.3.8 (Cisco Embedded Services 6300 Series APs), от 17.4 до 17.6.6 (Cisco Embedded Services 6300 Series APs), от 17.8 до 17.9.4 (Cisco Embedded Services 6300 Series APs), от 17.10 до 17.12 (Cisco Embedded Services 6300 Series APs), до 17.3.8 (Catalyst 9100 APs), от 17.4 до 17.6.6 (Catalyst 9100 APs), от 17.8 до 17.9.4 (Catalyst 9100 APs), от 17.10 до 17.12 (Catalyst 9100 APs), до 17.3.8 (Catalyst IW6300 Heavy Duty Series APs), от 17.4 до 17.6.6 (Catalyst IW6300 Heavy Duty Series APs), от 17.8 до 17.9.4 (Catalyst IW6300 Heavy Duty Series APs), от 17.10 до 17.12 (Catalyst IW6300 Heavy Duty Series APs), до 8.10.190.0 (Aironet 1540 Series APs), до 8.10.190.0 (Aironet 1560 Series APs), до 8.10.190.0 (Aironet 1800 Series APs), до 8.10.190.0 (Aironet 2800 Series APs), до 8.10.190.0 (Aironet 3800 Series APs), до 8.10.190.0 (Aironet 4800 APs), до 10.6.2.0 (Cisco Business 150 AP), до 10.6.2.0 (Cisco Business 151 Mesh Extender)

Possible Mitigations

Использование рекомендаций производителя: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-capwap-DDMCZS4m

Reference

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-capwap-DDMCZS4m https://www.cybersecurity-help.cz/vdb/SB2023092824 https://vuldb.com/?id.240717

CWE

CWE-400

JSON

To clipboard

{
  "CVSS 2.0": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
  "CVSS 3.0": "AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "- (Integrated AP on 1100 Integrated Services Routers), \u0434\u043e 17.3.8 (Cisco Embedded Services 6300 Series APs), \u043e\u0442 17.4 \u0434\u043e 17.6.6 (Cisco Embedded Services 6300 Series APs), \u043e\u0442 17.8 \u0434\u043e 17.9.4 (Cisco Embedded Services 6300 Series APs), \u043e\u0442 17.10 \u0434\u043e 17.12 (Cisco Embedded Services 6300 Series APs), \u0434\u043e 17.3.8 (Catalyst 9100 APs), \u043e\u0442 17.4 \u0434\u043e 17.6.6 (Catalyst 9100 APs), \u043e\u0442 17.8 \u0434\u043e 17.9.4 (Catalyst 9100 APs), \u043e\u0442 17.10 \u0434\u043e 17.12 (Catalyst 9100 APs), \u0434\u043e 17.3.8 (Catalyst IW6300 Heavy Duty Series APs), \u043e\u0442 17.4 \u0434\u043e 17.6.6 (Catalyst IW6300 Heavy Duty Series APs), \u043e\u0442 17.8 \u0434\u043e 17.9.4 (Catalyst IW6300 Heavy Duty Series APs), \u043e\u0442 17.10 \u0434\u043e 17.12 (Catalyst IW6300 Heavy Duty Series APs), \u0434\u043e 8.10.190.0 (Aironet 1540 Series APs), \u0434\u043e 8.10.190.0 (Aironet 1560 Series APs), \u0434\u043e 8.10.190.0 (Aironet 1800 Series APs), \u0434\u043e 8.10.190.0 (Aironet 2800 Series APs), \u0434\u043e 8.10.190.0 (Aironet 3800 Series APs), \u0434\u043e 8.10.190.0 (Aironet 4800 APs), \u0434\u043e 10.6.2.0 (Cisco Business 150 AP), \u0434\u043e 10.6.2.0 (Cisco Business 151 Mesh Extender)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-capwap-DDMCZS4m",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "27.09.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "03.10.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "03.10.2023",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-06267",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-20268",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Integrated AP on 1100 Integrated Services Routers, Cisco Embedded Services 6300 Series APs, Catalyst 9100 APs, Catalyst IW6300 Heavy Duty Series APs, Aironet 1540 Series APs, Aironet 1560 Series APs, Aironet 1800 Series APs, Aironet 2800 Series APs, Aironet 3800 Series APs, Aironet 4800 APs, Cisco Business 150 AP, Cisco Business 151 Mesh Extender",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u043e\u0447\u0435\u043a \u0434\u043e\u0441\u0442\u0443\u043f\u0430 Cisco Aironet Access Points (AP), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u0439 \u0440\u0430\u0441\u0445\u043e\u0434 \u0440\u0435\u0441\u0443\u0440\u0441\u0430 (\u00ab\u0418\u0441\u0442\u043e\u0449\u0435\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u00bb) (CWE-400)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u043e\u0447\u0435\u043a \u0434\u043e\u0441\u0442\u0443\u043f\u0430 Cisco Aironet Access Points (AP) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u043c \u0440\u0430\u0441\u0445\u043e\u0434\u043e\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-capwap-DDMCZS4m\nhttps://www.cybersecurity-help.cz/vdb/SB2023092824\nhttps://vuldb.com/?id.240717",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u041c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-400",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 3,3)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,7)"
}

CVE-2023-20268 (GCVE-0-2023-20268)

Vulnerability from cvelistv5 – Published: 2023-09-27 17:22 – Updated: 2024-12-12 17:19

Title

Cisco Access Point Software Uncontrolled Resource Consumption Vulnerability

Summary

A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device.  This vulnerability is due to insufficient management of resources when handling certain types of traffic. An attacker could exploit this vulnerability by sending a series of specific wireless packets to an affected device. A successful exploit could allow the attacker to consume resources on an affected device. A sustained attack could lead to the disruption of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel and intermittent loss of wireless client traffic.

Severity ?

4.7 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

cisco

References

URL

Tags

https://sec.cloudapps.cisco.com/security/center/c…

Impacted products

Vendor

Product

Version

Cisco

Cisco Aironet Access Point Software

Affected: 8.3.135.0
Affected: 8.3.140.0
Affected: 8.8.111.0
Affected: 8.5.151.0
Affected: 8.3.104.46
Affected: 8.10.121.0
Affected: 8.4.1.218
Affected: 8.3.122.0
Affected: 8.8.100.0
Affected: 8.3.131.0
Affected: 8.5.140.0
Affected: 8.3.132.0
Affected: 8.5.100.0
Affected: 8.5.103.0
Affected: 8.3.133.0
Affected: 8.3.150.0
Affected: 8.5.101.0
Affected: 8.5.105.0
Affected: 8.10.122.0
Affected: 8.8.130.0
Affected: 8.10.112.0
Affected: 8.3.143.0
Affected: 8.8.120.0
Affected: 8.9.111.0
Affected: 8.5.102.0
Affected: 8.5.161.0
Affected: 8.3.121.0
Affected: 8.9.100.0
Affected: 8.10.111.0
Affected: 8.2.170.0
Affected: 8.2.163.0
Affected: 8.10.130.0
Affected: 8.10.105.0
Affected: 8.6.101.0
Affected: 8.3.104.64
Affected: 8.3.15.117
Affected: 8.5.110.0
Affected: 8.2.161.0
Affected: 8.4.1.199
Affected: 8.4.100.0
Affected: 8.5.131.0
Affected: 8.7.1.16
Affected: 8.4.1.175
Affected: 8.3.141.0
Affected: 8.3.108.0
Affected: 8.2.111.0
Affected: 8.5.135.0
Affected: 8.2.160.0
Affected: 8.5.120.0
Affected: 8.6.1.84
Affected: 8.7.106.0
Affected: 8.6.1.70
Affected: 8.3.90.36
Affected: 8.10.113.0
Affected: 8.7.102.0
Affected: 8.2.130.0
Affected: 8.3.130.0
Affected: 8.2.110.0
Affected: 8.3.15.142
Affected: 8.3.111.0
Affected: 8.4.1.142
Affected: 8.6.1.71
Affected: 8.3.104.14
Affected: 8.8.125.0
Affected: 8.3.112.0
Affected: 8.2.151.0
Affected: 8.3.90.53
Affected: 8.3.102.0
Affected: 8.2.166.0
Affected: 8.2.164.0
Affected: 8.5.160.0
Affected: 8.3.15.165
Affected: 8.4.2.75
Affected: 8.3.90.58
Affected: 8.3.90.25
Affected: 8.2.141.0
Affected: 8.3.90.11
Affected: 8.3.15.169
Affected: 8.3.15.158
Affected: 8.3.15.25
Affected: 8.3.104.37
Affected: 8.4.1.91
Affected: 8.2.100.0
Affected: 8.2.121.0
Affected: 8.3.15.120
Affected: 8.3.15.118
Affected: 8.4.1.92
Affected: 8.3.200.200
Affected: 8.10.141.0
Affected: 8.10.142.0
Affected: 8.5.171.0
Affected: 8.10.150.0
Affected: 8.10.151.0
Affected: 8.5.164.0
Affected: 8.10.161.0
Affected: 8.10.162.0
Affected: 8.5.182.0
Affected: 8.10.171.0
Affected: 8.10.170.0
Affected: 8.10.180.0
Affected: 8.10.181.0
Affected: 8.10.182.0
Affected: 8.10.183.0
Affected: 8.10.185.0
Affected: 8.5.182.11 ME

	Cisco	Cisco Aironet Access Point Software (IOS XE Controller)	Affected: 17.1.1t Affected: 16.10.1s Affected: 16.10.1 Affected: 17.3.1 Affected: 16.11.1b Affected: 17.1.2 Affected: 17.1.1 Affected: 16.12.4 Affected: 17.2.2 Affected: 16.12.3 Affected: 16.11.1a Affected: 16.12.2t Affected: 16.10.1e Affected: 16.11.1 Affected: 16.11.1c Affected: 17.1.1s Affected: 16.12.3s Affected: 16.12.1s Affected: 16.12.1t Affected: 16.12.2s Affected: 17.2.1 Affected: 17.2.1a Affected: 16.12.1 Affected: 17.1.3 Affected: 17.3.2a Affected: 16.12.5 Affected: 17.3.2 Affected: 17.4.1 Affected: 16.12.4a Affected: 17.3.3 Affected: 17.2.3 Affected: 17.5.1 Affected: 17.4.2 Affected: 17.3.5 Affected: 17.3.4 Affected: 16.12.6 Affected: 17.6.1 Affected: 17.7.1 Affected: 17.6.2 Affected: 16.12.6a Affected: 17.3.4c Affected: 16.12.7 Affected: 17.3.5a Affected: 17.6.3 Affected: 17.8.1 Affected: 17.9.1 Affected: 16.12.8 Affected: 17.6.4 Affected: 17.3.5b Affected: 17.3.6 Affected: 17.10.1 Affected: 17.9.2 Affected: 17.6.5 Affected: 17.3.7 Affected: 17.9.3 Affected: 17.11.1 Affected: 17.6.6 Affected: 17.3.8
	Cisco	Cisco Business Wireless Access Point Software	Affected: 10.3.1.0 Affected: 10.0.1.0 Affected: 10.2.1.0 Affected: 10.1.1.0 Affected: 10.3.1.1 Affected: 10.4.1.0 Affected: 10.6.1.0 Affected: 10.1.2.0 Affected: 10.0.2.0 Affected: 10.7.1.0 Affected: 10.2.2.0 Affected: 0.0.0.0 Affected: 10.3.2.0 Affected: 10.4.2.0 Affected: 10.8.1.0 Affected: 10.5.2.0 Affected: 10.9.1.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:05:36.874Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-ap-dos-capwap-DDMCZS4m",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-capwap-DDMCZS4m"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Aironet Access Point Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "8.3.135.0"
            },
            {
              "status": "affected",
              "version": "8.3.140.0"
            },
            {
              "status": "affected",
              "version": "8.8.111.0"
            },
            {
              "status": "affected",
              "version": "8.5.151.0"
            },
            {
              "status": "affected",
              "version": "8.3.104.46"
            },
            {
              "status": "affected",
              "version": "8.10.121.0"
            },
            {
              "status": "affected",
              "version": "8.4.1.218"
            },
            {
              "status": "affected",
              "version": "8.3.122.0"
            },
            {
              "status": "affected",
              "version": "8.8.100.0"
            },
            {
              "status": "affected",
              "version": "8.3.131.0"
            },
            {
              "status": "affected",
              "version": "8.5.140.0"
            },
            {
              "status": "affected",
              "version": "8.3.132.0"
            },
            {
              "status": "affected",
              "version": "8.5.100.0"
            },
            {
              "status": "affected",
              "version": "8.5.103.0"
            },
            {
              "status": "affected",
              "version": "8.3.133.0"
            },
            {
              "status": "affected",
              "version": "8.3.150.0"
            },
            {
              "status": "affected",
              "version": "8.5.101.0"
            },
            {
              "status": "affected",
              "version": "8.5.105.0"
            },
            {
              "status": "affected",
              "version": "8.10.122.0"
            },
            {
              "status": "affected",
              "version": "8.8.130.0"
            },
            {
              "status": "affected",
              "version": "8.10.112.0"
            },
            {
              "status": "affected",
              "version": "8.3.143.0"
            },
            {
              "status": "affected",
              "version": "8.8.120.0"
            },
            {
              "status": "affected",
              "version": "8.9.111.0"
            },
            {
              "status": "affected",
              "version": "8.5.102.0"
            },
            {
              "status": "affected",
              "version": "8.5.161.0"
            },
            {
              "status": "affected",
              "version": "8.3.121.0"
            },
            {
              "status": "affected",
              "version": "8.9.100.0"
            },
            {
              "status": "affected",
              "version": "8.10.111.0"
            },
            {
              "status": "affected",
              "version": "8.2.170.0"
            },
            {
              "status": "affected",
              "version": "8.2.163.0"
            },
            {
              "status": "affected",
              "version": "8.10.130.0"
            },
            {
              "status": "affected",
              "version": "8.10.105.0"
            },
            {
              "status": "affected",
              "version": "8.6.101.0"
            },
            {
              "status": "affected",
              "version": "8.3.104.64"
            },
            {
              "status": "affected",
              "version": "8.3.15.117"
            },
            {
              "status": "affected",
              "version": "8.5.110.0"
            },
            {
              "status": "affected",
              "version": "8.2.161.0"
            },
            {
              "status": "affected",
              "version": "8.4.1.199"
            },
            {
              "status": "affected",
              "version": "8.4.100.0"
            },
            {
              "status": "affected",
              "version": "8.5.131.0"
            },
            {
              "status": "affected",
              "version": "8.7.1.16"
            },
            {
              "status": "affected",
              "version": "8.4.1.175"
            },
            {
              "status": "affected",
              "version": "8.3.141.0"
            },
            {
              "status": "affected",
              "version": "8.3.108.0"
            },
            {
              "status": "affected",
              "version": "8.2.111.0"
            },
            {
              "status": "affected",
              "version": "8.5.135.0"
            },
            {
              "status": "affected",
              "version": "8.2.160.0"
            },
            {
              "status": "affected",
              "version": "8.5.120.0"
            },
            {
              "status": "affected",
              "version": "8.6.1.84"
            },
            {
              "status": "affected",
              "version": "8.7.106.0"
            },
            {
              "status": "affected",
              "version": "8.6.1.70"
            },
            {
              "status": "affected",
              "version": "8.3.90.36"
            },
            {
              "status": "affected",
              "version": "8.10.113.0"
            },
            {
              "status": "affected",
              "version": "8.7.102.0"
            },
            {
              "status": "affected",
              "version": "8.2.130.0"
            },
            {
              "status": "affected",
              "version": "8.3.130.0"
            },
            {
              "status": "affected",
              "version": "8.2.110.0"
            },
            {
              "status": "affected",
              "version": "8.3.15.142"
            },
            {
              "status": "affected",
              "version": "8.3.111.0"
            },
            {
              "status": "affected",
              "version": "8.4.1.142"
            },
            {
              "status": "affected",
              "version": "8.6.1.71"
            },
            {
              "status": "affected",
              "version": "8.3.104.14"
            },
            {
              "status": "affected",
              "version": "8.8.125.0"
            },
            {
              "status": "affected",
              "version": "8.3.112.0"
            },
            {
              "status": "affected",
              "version": "8.2.151.0"
            },
            {
              "status": "affected",
              "version": "8.3.90.53"
            },
            {
              "status": "affected",
              "version": "8.3.102.0"
            },
            {
              "status": "affected",
              "version": "8.2.166.0"
            },
            {
              "status": "affected",
              "version": "8.2.164.0"
            },
            {
              "status": "affected",
              "version": "8.5.160.0"
            },
            {
              "status": "affected",
              "version": "8.3.15.165"
            },
            {
              "status": "affected",
              "version": "8.4.2.75"
            },
            {
              "status": "affected",
              "version": "8.3.90.58"
            },
            {
              "status": "affected",
              "version": "8.3.90.25"
            },
            {
              "status": "affected",
              "version": "8.2.141.0"
            },
            {
              "status": "affected",
              "version": "8.3.90.11"
            },
            {
              "status": "affected",
              "version": "8.3.15.169"
            },
            {
              "status": "affected",
              "version": "8.3.15.158"
            },
            {
              "status": "affected",
              "version": "8.3.15.25"
            },
            {
              "status": "affected",
              "version": "8.3.104.37"
            },
            {
              "status": "affected",
              "version": "8.4.1.91"
            },
            {
              "status": "affected",
              "version": "8.2.100.0"
            },
            {
              "status": "affected",
              "version": "8.2.121.0"
            },
            {
              "status": "affected",
              "version": "8.3.15.120"
            },
            {
              "status": "affected",
              "version": "8.3.15.118"
            },
            {
              "status": "affected",
              "version": "8.4.1.92"
            },
            {
              "status": "affected",
              "version": "8.3.200.200"
            },
            {
              "status": "affected",
              "version": "8.10.141.0"
            },
            {
              "status": "affected",
              "version": "8.10.142.0"
            },
            {
              "status": "affected",
              "version": "8.5.171.0"
            },
            {
              "status": "affected",
              "version": "8.10.150.0"
            },
            {
              "status": "affected",
              "version": "8.10.151.0"
            },
            {
              "status": "affected",
              "version": "8.5.164.0"
            },
            {
              "status": "affected",
              "version": "8.10.161.0"
            },
            {
              "status": "affected",
              "version": "8.10.162.0"
            },
            {
              "status": "affected",
              "version": "8.5.182.0"
            },
            {
              "status": "affected",
              "version": "8.10.171.0"
            },
            {
              "status": "affected",
              "version": "8.10.170.0"
            },
            {
              "status": "affected",
              "version": "8.10.180.0"
            },
            {
              "status": "affected",
              "version": "8.10.181.0"
            },
            {
              "status": "affected",
              "version": "8.10.182.0"
            },
            {
              "status": "affected",
              "version": "8.10.183.0"
            },
            {
              "status": "affected",
              "version": "8.10.185.0"
            },
            {
              "status": "affected",
              "version": "8.5.182.11 ME"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco Aironet Access Point Software (IOS XE Controller)",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "17.1.1t"
            },
            {
              "status": "affected",
              "version": "16.10.1s"
            },
            {
              "status": "affected",
              "version": "16.10.1"
            },
            {
              "status": "affected",
              "version": "17.3.1"
            },
            {
              "status": "affected",
              "version": "16.11.1b"
            },
            {
              "status": "affected",
              "version": "17.1.2"
            },
            {
              "status": "affected",
              "version": "17.1.1"
            },
            {
              "status": "affected",
              "version": "16.12.4"
            },
            {
              "status": "affected",
              "version": "17.2.2"
            },
            {
              "status": "affected",
              "version": "16.12.3"
            },
            {
              "status": "affected",
              "version": "16.11.1a"
            },
            {
              "status": "affected",
              "version": "16.12.2t"
            },
            {
              "status": "affected",
              "version": "16.10.1e"
            },
            {
              "status": "affected",
              "version": "16.11.1"
            },
            {
              "status": "affected",
              "version": "16.11.1c"
            },
            {
              "status": "affected",
              "version": "17.1.1s"
            },
            {
              "status": "affected",
              "version": "16.12.3s"
            },
            {
              "status": "affected",
              "version": "16.12.1s"
            },
            {
              "status": "affected",
              "version": "16.12.1t"
            },
            {
              "status": "affected",
              "version": "16.12.2s"
            },
            {
              "status": "affected",
              "version": "17.2.1"
            },
            {
              "status": "affected",
              "version": "17.2.1a"
            },
            {
              "status": "affected",
              "version": "16.12.1"
            },
            {
              "status": "affected",
              "version": "17.1.3"
            },
            {
              "status": "affected",
              "version": "17.3.2a"
            },
            {
              "status": "affected",
              "version": "16.12.5"
            },
            {
              "status": "affected",
              "version": "17.3.2"
            },
            {
              "status": "affected",
              "version": "17.4.1"
            },
            {
              "status": "affected",
              "version": "16.12.4a"
            },
            {
              "status": "affected",
              "version": "17.3.3"
            },
            {
              "status": "affected",
              "version": "17.2.3"
            },
            {
              "status": "affected",
              "version": "17.5.1"
            },
            {
              "status": "affected",
              "version": "17.4.2"
            },
            {
              "status": "affected",
              "version": "17.3.5"
            },
            {
              "status": "affected",
              "version": "17.3.4"
            },
            {
              "status": "affected",
              "version": "16.12.6"
            },
            {
              "status": "affected",
              "version": "17.6.1"
            },
            {
              "status": "affected",
              "version": "17.7.1"
            },
            {
              "status": "affected",
              "version": "17.6.2"
            },
            {
              "status": "affected",
              "version": "16.12.6a"
            },
            {
              "status": "affected",
              "version": "17.3.4c"
            },
            {
              "status": "affected",
              "version": "16.12.7"
            },
            {
              "status": "affected",
              "version": "17.3.5a"
            },
            {
              "status": "affected",
              "version": "17.6.3"
            },
            {
              "status": "affected",
              "version": "17.8.1"
            },
            {
              "status": "affected",
              "version": "17.9.1"
            },
            {
              "status": "affected",
              "version": "16.12.8"
            },
            {
              "status": "affected",
              "version": "17.6.4"
            },
            {
              "status": "affected",
              "version": "17.3.5b"
            },
            {
              "status": "affected",
              "version": "17.3.6"
            },
            {
              "status": "affected",
              "version": "17.10.1"
            },
            {
              "status": "affected",
              "version": "17.9.2"
            },
            {
              "status": "affected",
              "version": "17.6.5"
            },
            {
              "status": "affected",
              "version": "17.3.7"
            },
            {
              "status": "affected",
              "version": "17.9.3"
            },
            {
              "status": "affected",
              "version": "17.11.1"
            },
            {
              "status": "affected",
              "version": "17.6.6"
            },
            {
              "status": "affected",
              "version": "17.3.8"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco Business Wireless Access Point Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "10.3.1.0"
            },
            {
              "status": "affected",
              "version": "10.0.1.0"
            },
            {
              "status": "affected",
              "version": "10.2.1.0"
            },
            {
              "status": "affected",
              "version": "10.1.1.0"
            },
            {
              "status": "affected",
              "version": "10.3.1.1"
            },
            {
              "status": "affected",
              "version": "10.4.1.0"
            },
            {
              "status": "affected",
              "version": "10.6.1.0"
            },
            {
              "status": "affected",
              "version": "10.1.2.0"
            },
            {
              "status": "affected",
              "version": "10.0.2.0"
            },
            {
              "status": "affected",
              "version": "10.7.1.0"
            },
            {
              "status": "affected",
              "version": "10.2.2.0"
            },
            {
              "status": "affected",
              "version": "0.0.0.0"
            },
            {
              "status": "affected",
              "version": "10.3.2.0"
            },
            {
              "status": "affected",
              "version": "10.4.2.0"
            },
            {
              "status": "affected",
              "version": "10.8.1.0"
            },
            {
              "status": "affected",
              "version": "10.5.2.0"
            },
            {
              "status": "affected",
              "version": "10.9.1.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device.\u0026nbsp;\r\n\r\nThis vulnerability is due to insufficient management of resources when handling certain types of traffic. An attacker could exploit this vulnerability by sending a series of specific wireless packets to an affected device. A successful exploit could allow the attacker to consume resources on an affected device. A sustained attack could lead to the disruption of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel and intermittent loss of wireless client traffic."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-12T17:19:02.520Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ap-dos-capwap-DDMCZS4m",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-capwap-DDMCZS4m"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ap-dos-capwap-DDMCZS4m",
        "defects": [
          "CSCwe75371"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Access Point Software Uncontrolled Resource Consumption Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20268",
    "datePublished": "2023-09-27T17:22:55.840Z",
    "dateReserved": "2022-10-27T18:47:50.373Z",
    "dateUpdated": "2024-12-12T17:19:02.520Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2023-06267

CVE-2023-20268 (GCVE-0-2023-20268)

Tags

Sightings

Nomenclature