CVE-2023-20202

Published Sep 27, 2023

Last updated 10 months ago

CVSS medium 6.5

Overview

Description: A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper memory management. An attacker could exploit this vulnerability by sending a series of network requests to an affected device. A successful exploit could allow the attacker to cause the wncd process to consume available memory and eventually cause the device to reload, resulting in a DoS condition.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.5
Impact score: 3.6
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
ykramarz@cisco.com: CWE-789

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B0C2129-8149-4362-827C-A5494C9D398B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7452C7E9-6241-42C5-9A7F-13C0BD38A2B4"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1w:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38C48FC4-5362-4B61-8B8C-7CAFFB81045E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1x:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2BC43383-DF99-4D38-A220-0A202623B36A"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1x1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7E6CD08-EC7E-42C1-B2C2-CA5E154545A0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1y:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE62DC68-E882-49E7-AAD2-2F73637FFB4A"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D197445E-EC12-429C-BDD4-F63FA5C1B3E3"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD27DF50-9E81-4EC5-BA73-513F1DFB972C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91A099C9-0C81-4819-BE4A-FE59144C55BD"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42FAEC29-D754-49D6-85F1-F5DDFAF6E80F"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CCE76032-948F-444F-BA5D-72A34D1CD382"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A965A2A-129C-45C3-BCB1-2860F583D020"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9105i:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "93510CF6-232E-4FBD-BF01-79070306FB97"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9105w:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "77BE20A3-964E-46D3-ACA2-B53A175027D9"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4081C532-3B10-4FBF-BB22-5BA17BC6FCF8"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A47C2D6F-8F90-4D74-AFE1-EAE954021F46"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9124d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D7E3AD79-8F3B-4E8E-8226-2B5101F1A3D2"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9124e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8B64B8AB-DD2A-4306-8546-1D64E24868F4"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9124i:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "54712AF5-EF16-4F83-99BB-D3B8D93AF986"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9136:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "09185C81-6FDF-4E6D-B8F7-E4B5D77909F4"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9162:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C9347227-9FA8-46B6-96EF-713543376296"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9164:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "96E81F0A-5B5C-4DD3-A56F-C7BF53D4B070"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9166:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "774AEB3E-5D6A-4E66-B0B4-C014A7C180E6"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9166d1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E5133F50-F67C-4195-B18F-887EFC88FA52"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70"
          },
          {
            "criteria": "cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "09051BC5-CFE7-43EF-975D-BF77724E8776"
          },
          {
            "criteria": "cpe:2.3:h:cisco:iw9167eh-x-ap:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7DAC9FCA-D624-4A7D-9FA6-3D163FFE7453"
          },
          {
            "criteria": "cpe:2.3:h:cisco:iw9167eh-x-urwb:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "08D5D1CC-0D0A-4034-8147-B5574EE42385"
          },
          {
            "criteria": "cpe:2.3:h:cisco:iw9167eh-x-wgb:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D2180290-8F76-4BF6-8480-1FC9D1B0D93B"
          },
          {
            "criteria": "cpe:2.3:h:cisco:iw9167ih-x-ap:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B01614D9-3D1E-4E8D-B535-20282EBECE6B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References