Main Vulnerability Database SB2023092823

SB2023092823 - Denial of service in Cisco Catalyst 9100 Access Points

Published: September 28, 2023

Security Bulletin ID SB2023092823

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Adjecent network

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Resource exhaustion (CVE-ID: CVE-2023-20176)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper control over consumption of internal resources. A remote attacker can connect to the affected AP as a client and send a high rate of traffic over an extended period of time, which will result in an overuse of AP resources and denial of service.

Remediation

Install update from vendor's website.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-click-ap-dos-wdcXkvnQ
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwb56120