Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-20200

A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software for Firepower 4100 Series and Firepower 9300 Security Appliances and of Cisco UCS 6300 Series Fabric Interconnects could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to the improper handling of specific SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects all supported SNMP versions. To exploit this vulnerability through SNMPv2c or earlier, an attacker must know the SNMP community string that is configured on an affected device. To exploit this vulnerability through SNMPv3, the attacker must have valid credentials for an SNMP user who is configured on the affected device.

Security Impact Summary

This vulnerability carries a HIGH severity rating with a CVSS v3.1 score of 7.7, indicating it can be exploited remotely over the network with relatively low complexity without requiring user interaction requiring only low-level privileges . The vulnerability impacts and availability (service disruption) for affected systems. Impacting 15 products from cisco, from cisco, from cisco and 12 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Reported in 2023, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.

Published

2023-08-23T19:15:08.020

Last Modified

2024-11-21T07:40:48.977

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.7 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-835
  • Type: Primary
    CWE-732
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System cisco firepower_9300_firmware - Yes
Hardware cisco firepower_9300 - No
Operating System cisco firepower_4143_firmware - Yes
Hardware cisco firepower_4145 - No
Operating System cisco firepower_4112_firmware - Yes
Hardware cisco firepower_4112 - No
Operating System cisco ucs_6324_fabric_interconnect_firmware < 4.1\(3l\) Yes
Operating System cisco ucs_6324_fabric_interconnect_firmware < 4.2\(3d\) Yes
Hardware cisco ucs_6324_fabric_interconnect - No
Operating System cisco firepower_4125_firmware - Yes
Hardware cisco firepower_4125 - No
Operating System cisco firepower_4115 - Yes
Hardware cisco firepower_4115 - No
Operating System cisco ucs_6332_fabric_interconnect_firmware < 4.1\(3l\) Yes
Operating System cisco ucs_6332_fabric_interconnect_firmware ≤ 4.2\(3b\) Yes
Hardware cisco ucs_6332_fabric_interconnect - No
Operating System cisco ucs_6332-16up_fabric_interconnect_firmware < 4.1\(3l\) Yes
Operating System cisco ucs_6332-16up_fabric_interconnect_firmware < 4.2\(3b\) Yes
Hardware cisco ucs_6332-16up_fabric_interconnect - No
References

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For cisco's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.