Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-20226

A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to the mishandling of a crafted packet stream through the AppQoE or UTD application. An attacker could exploit this vulnerability by sending a crafted packet stream through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Published

2023-09-27T18:15:11.307

Last Modified

2024-11-21T07:40:56.363

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.6 (HIGH)

Weaknesses

Type: Secondary
CWE-456
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	cisco	ios_xe	17.7.1	Yes
Operating System	cisco	ios_xe	17.7.1a	Yes
Operating System	cisco	ios_xe	17.7.2	Yes
Operating System	cisco	ios_xe	17.8.1	Yes
Operating System	cisco	ios_xe	17.8.1a	Yes
Operating System	cisco	ios_xe	17.9.1	Yes
Operating System	cisco	ios_xe	17.9.1a	Yes
Operating System	cisco	ios_xe	17.9.2	Yes
Operating System	cisco	ios_xe	17.9.2a	Yes
Operating System	cisco	ios_xe	17.10.1	Yes
Operating System	cisco	ios_xe	17.10.1a	Yes
Application	cisco	catalyst_8000v_edge	-	No
Hardware	cisco	1100-4g_integrated_services_router	-	No
Hardware	cisco	1100-4gltegb_integrated_services_router	-	No
Hardware	cisco	1100-4gltena_integrated_services_router	-	No
Hardware	cisco	1100-6g_integrated_services_router	-	No
Hardware	cisco	4221_integrated_services_router	-	No
Hardware	cisco	4321\/k9-rf_integrated_services_router	-	No
Hardware	cisco	4321\/k9-ws_integrated_services_router	-	No
Hardware	cisco	4321\/k9_integrated_services_router	-	No
Hardware	cisco	4321_integrated_services_router	-	No
Hardware	cisco	4331\/k9-rf_integrated_services_router	-	No
Hardware	cisco	4331\/k9-ws_integrated_services_router	-	No
Hardware	cisco	4331\/k9_integrated_services_router	-	No
Hardware	cisco	4331_integrated_services_router	-	No
Hardware	cisco	4351\/k9-rf_integrated_services_router	-	No
Hardware	cisco	4351\/k9-ws_integrated_services_router	-	No
Hardware	cisco	4351\/k9_integrated_services_router	-	No
Hardware	cisco	4351_integrated_services_router	-	No
Hardware	cisco	4431_integrated_services_router	-	No
Hardware	cisco	c8200-1n-4t	-	No
Hardware	cisco	c8200l-1n-4t	-	No
Hardware	cisco	c8500l-8s4x	-	No
Hardware	cisco	catalyst_8300-1n1s-4t2x	-	No
Hardware	cisco	catalyst_8300-1n1s-6t	-	No
Hardware	cisco	catalyst_8300-2n2s-4t2x	-	No
Hardware	cisco	catalyst_8300-2n2s-6t	-	No
Hardware	cisco	catalyst_ir8340	-	No

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appqoe-utd-dos-p8O57p5y Vendor Advisory ([email protected])
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appqoe-utd-dos-p8O57p5y Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)