← back
CVE-2023-20176

CVE-2023-20176

CVSS 5.8 MEDIUMEPSS 0.7%CWE-400
A vulnerability in the networking component of Cisco access point (AP) software could allow an unauthenticated, remote attacker to cause a temporary disruption of service. This vulnerability is due to overuse of AP resources. An attacker could exploit this vulnerability by connecting to an AP on an affected device as a wireless client and sending a high rate of traffic over an extended period of time. A successful exploit could allow the attacker to cause the Datagram TLS (DTLS) session to tear down and reset, causing a denial of service (DoS) condition.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Affected products
Cisco · Cisco Aironet Access Point SoftwareCisco · Cisco Aironet Access Point Software (IOS XE Controller)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-click-ap-dos-wdcXkvnQ