CVE-2023-20112

HIGH

7.4

Descricao

A vulnerability in Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this vulnerability by sending a wireless 802.11 association request frame with crafted parameters to an affected device. A successful exploit could allow the attacker to cause an unexpected reload of an affected device, resulting in a DoS condition.

Detalhes CVE

Pontuacao CVSS v3.17.4

SeveridadeHIGH

Vetor CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Vetor de ataqueADJACENT_NETWORK

ComplexidadeLOW

Privilegios necessariosNONE

Interacao do usuarioNONE

Publicado3/23/2023

Ultima modificacao11/21/2024

Fontenvd

Avistamentos honeypot0

Produtos afetados

cisco:business_150axcisco:business_150ax_firmwarecisco:business_151axmcisco:business_151axm_firmwarecisco:catalyst_9105axcisco:catalyst_9105ax_firmwarecisco:catalyst_9105axicisco:catalyst_9105axi_firmwarecisco:catalyst_9105axwcisco:catalyst_9105axw_firmwarecisco:catalyst_9105icisco:catalyst_9105i_firmwarecisco:catalyst_9105wcisco:catalyst_9105w_firmwarecisco:catalyst_9115cisco:catalyst_9115_firmwarecisco:catalyst_9115axcisco:catalyst_9115ax_firmwarecisco:catalyst_9115axecisco:catalyst_9115axe_firmwarecisco:catalyst_9115axicisco:catalyst_9115axi_firmwarecisco:catalyst_9117cisco:catalyst_9117_firmwarecisco:catalyst_9117axcisco:catalyst_9117ax_firmwarecisco:catalyst_9117axicisco:catalyst_9117axi_firmwarecisco:catalyst_9120cisco:catalyst_9120_firmwarecisco:catalyst_9120axcisco:catalyst_9120ax_firmwarecisco:catalyst_9120axecisco:catalyst_9120axe_firmwarecisco:catalyst_9120axicisco:catalyst_9120axi_firmwarecisco:catalyst_9120axpcisco:catalyst_9120axp_firmwarecisco:catalyst_9124cisco:catalyst_9124_firmwarecisco:catalyst_9124axcisco:catalyst_9124ax_firmwarecisco:catalyst_9124axdcisco:catalyst_9124axd_firmwarecisco:catalyst_9124axicisco:catalyst_9124axi_firmwarecisco:catalyst_9130cisco:catalyst_9130_firmwarecisco:catalyst_9130axcisco:catalyst_9130ax_firmwarecisco:catalyst_9130axecisco:catalyst_9130axe_firmwarecisco:catalyst_9130axicisco:catalyst_9130axi_firmwarecisco:catalyst_9136cisco:catalyst_9136_firmwarecisco:catalyst_9162cisco:catalyst_9162_firmwarecisco:catalyst_9164cisco:catalyst_9164_firmwarecisco:catalyst_9166cisco:catalyst_9166_firmware

Fraquezas (CWE)

CWE-126CWE-125

Referencias

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-assoc-dos-D2SunWK2(psirt@cisco.com)

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-assoc-dos-D2SunWK2(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.