Vulnerability Description
A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain L2TP packets. An attacker could exploit this vulnerability by sending crafted L2TP packets to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. Note: Only traffic directed to the affected system can be used to exploit this vulnerability.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios Xe | 16.8.1 |
| Cisco | Catalyst 8000V Edge | - |
| Cisco | Cloud Services Router 1000V | - |
| Cisco | 1000 Integrated Services Router | - |
| Cisco | 1100-4G Integrated Services Router | - |
| Cisco | 1100-4Gltegb Integrated Services Router | - |
| Cisco | 1100-4Gltena Integrated Services Router | - |
| Cisco | 1100-6G Integrated Services Router | - |
| Cisco | 4221 Integrated Services Router | - |
| Cisco | 4321\/K9-Rf Integrated Services Router | - |
| Cisco | 4321\/K9-Ws Integrated Services Router | - |
| Cisco | 4321\/K9 Integrated Services Router | - |
| Cisco | 4321 Integrated Services Router | - |
| Cisco | 4331\/K9-Rf Integrated Services Router | - |
| Cisco | 4331\/K9-Ws Integrated Services Router | - |
| Cisco | 4331\/K9 Integrated Services Router | - |
| Cisco | 4331 Integrated Services Router | - |
| Cisco | 4351\/K9-Rf Integrated Services Router | - |
| Cisco | 4351\/K9-Ws Integrated Services Router | - |
| Cisco | 4351\/K9 Integrated Services Router | - |
Related Weaknesses (CWE)
References
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/ciMitigationVendor Advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/ciMitigationVendor Advisory
FAQ
What is CVE-2023-20227?
CVE-2023-20227 is a vulnerability with a CVSS score of 8.6 (HIGH). A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected de...
How severe is CVE-2023-20227?
CVE-2023-20227 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-20227?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios Xe, Cisco Catalyst 8000V Edge, Cisco Cloud Services Router 1000V, Cisco 1000 Integrated Services Router, Cisco 1100-4G Integrated Services Router.