CVE-2023-20176

Summary

A vulnerability in the networking component of Cisco access point (AP) software could allow an unauthenticated, remote attacker to cause a temporary disruption of service. This vulnerability is due to overuse of AP resources. An attacker could exploit this vulnerability by connecting to an AP on an affected device as a wireless client and sending a high rate of traffic over an extended period of time. A successful exploit could allow the attacker to cause the Datagram TLS (DTLS) session to tear down and reset, causing a denial of service (DoS) condition.

Affected Software

VendorProductVersion RangeStatus
CiscoCisco Aironet Access Point Software8.10.170.0affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)16.10.1eaffected
CiscoCisco Aironet Access Point Software (IOS XE Controller)16.10.1affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.1.1taffected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.1.1saffected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.1.1affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)16.11.1aaffected
CiscoCisco Aironet Access Point Software (IOS XE Controller)16.11.1affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)16.11.1caffected
CiscoCisco Aironet Access Point Software (IOS XE Controller)16.11.1baffected
CiscoCisco Aironet Access Point Software (IOS XE Controller)16.12.1saffected
CiscoCisco Aironet Access Point Software (IOS XE Controller)16.12.4affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)16.12.1affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)16.12.2saffected
CiscoCisco Aironet Access Point Software (IOS XE Controller)16.12.1taffected
CiscoCisco Aironet Access Point Software (IOS XE Controller)16.12.4aaffected
CiscoCisco Aironet Access Point Software (IOS XE Controller)16.12.5affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)16.12.3affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)16.12.6affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)16.12.8affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)16.12.7affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)16.12.6aaffected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.3.1affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.3.2aaffected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.3.3affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.3.2affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.3.4caffected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.3.5aaffected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.3.6affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.2.1affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.2.1aaffected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.2.3affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.2.2affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.5.1affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.4.1affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.4.2affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.6.1affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.6.2affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.6.3affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.6.4affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.6.5affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.7.1affected
CiscoCisco Aironet Access Point Software (IOS XE Controller)17.8.1affected

Weaknesses

  • CWE-400: Uncontrolled Resource Consumption

ADP Enrichment

CVE Program Container

Additional References

References