Vulnerability Description
A vulnerability in the networking component of Cisco access point (AP) software could allow an unauthenticated, remote attacker to cause a temporary disruption of service. This vulnerability is due to overuse of AP resources. An attacker could exploit this vulnerability by connecting to an AP on an affected device as a wireless client and sending a high rate of traffic over an extended period of time. A successful exploit could allow the attacker to cause the Datagram TLS (DTLS) session to tear down and reset, causing a denial of service (DoS) condition.
CVSS Score
5.8 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Catalyst 9166 Firmware | < 17.6.6 |
| Cisco | Catalyst 9166 | - |
| Cisco | Catalyst 9164 Firmware | < 17.6.6 |
| Cisco | Catalyst 9164 | - |
| Cisco | Catalyst 9136 Firmware | < 17.6.6 |
| Cisco | Catalyst 9136 | - |
| Cisco | Catalyst 9130 Firmware | < 17.6.6 |
| Cisco | Catalyst 9130 | - |
| Cisco | Catalyst 9124 Firmware | < 17.6.6 |
| Cisco | Catalyst 9124 | - |
Related Weaknesses (CWE)
References
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/ci (Vendor Advisory)
FAQ
What is CVE-2023-20176?
CVE-2023-20176 is a vulnerability with a CVSS score of 5.8 (MEDIUM). A vulnerability in the networking component of Cisco access point (AP) software could allow an unauthenticated, remote attacker to cause a temporary disruption of service. This vulnerability is due...
How severe is CVE-2023-20176?
CVE-2023-20176 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2023-20176?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Catalyst 9166 Firmware, Cisco Catalyst 9166, Cisco Catalyst 9164 Firmware, Cisco Catalyst 9164, Cisco Catalyst 9136 Firmware.