Cisco AP Software Unauth DoS via Resource Exhaustion
CVE-2023-20268 Published on September 27, 2023
Cisco Access Point Software Uncontrolled Resource Consumption Vulnerability
A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device.
This vulnerability is due to insufficient management of resources when handling certain types of traffic. An attacker could exploit this vulnerability by sending a series of specific wireless packets to an affected device. A successful exploit could allow the attacker to consume resources on an affected device. A sustained attack could lead to the disruption of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel and intermittent loss of wireless client traffic.
Vulnerability Analysis
Weakness Type
What is a Resource Exhaustion Vulnerability?
The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
CVE-2023-20268 has been classified to as a Resource Exhaustion vulnerability or weakness.
Products Associated with CVE-2023-20268
Want to know whenever a new CVE is published for Cisco Wireless Lan Controller Software? stack.watch will email you.
Affected Versions
Cisco Aironet Access Point Software:- Version 8.3.135.0 is affected.
- Version 8.3.140.0 is affected.
- Version 8.8.111.0 is affected.
- Version 8.5.151.0 is affected.
- Version 8.3.104.46 is affected.
- Version 8.10.121.0 is affected.
- Version 8.4.1.218 is affected.
- Version 8.3.122.0 is affected.
- Version 8.8.100.0 is affected.
- Version 8.3.131.0 is affected.
- Version 8.5.140.0 is affected.
- Version 8.3.132.0 is affected.
- Version 8.5.100.0 is affected.
- Version 8.5.103.0 is affected.
- Version 8.3.133.0 is affected.
- Version 8.3.150.0 is affected.
- Version 8.5.101.0 is affected.
- Version 8.5.105.0 is affected.
- Version 8.10.122.0 is affected.
- Version 8.8.130.0 is affected.
- Version 8.10.112.0 is affected.
- Version 8.3.143.0 is affected.
- Version 8.8.120.0 is affected.
- Version 8.9.111.0 is affected.
- Version 8.5.102.0 is affected.
- Version 8.5.161.0 is affected.
- Version 8.3.121.0 is affected.
- Version 8.9.100.0 is affected.
- Version 8.10.111.0 is affected.
- Version 8.2.170.0 is affected.
- Version 8.2.163.0 is affected.
- Version 8.10.130.0 is affected.
- Version 8.10.105.0 is affected.
- Version 8.6.101.0 is affected.
- Version 8.3.104.64 is affected.
- Version 8.3.15.117 is affected.
- Version 8.5.110.0 is affected.
- Version 8.2.161.0 is affected.
- Version 8.4.1.199 is affected.
- Version 8.4.100.0 is affected.
- Version 8.5.131.0 is affected.
- Version 8.7.1.16 is affected.
- Version 8.4.1.175 is affected.
- Version 8.3.141.0 is affected.
- Version 8.3.108.0 is affected.
- Version 8.2.111.0 is affected.
- Version 8.5.135.0 is affected.
- Version 8.2.160.0 is affected.
- Version 8.5.120.0 is affected.
- Version 8.6.1.84 is affected.
- Version 8.7.106.0 is affected.
- Version 8.6.1.70 is affected.
- Version 8.3.90.36 is affected.
- Version 8.10.113.0 is affected.
- Version 8.7.102.0 is affected.
- Version 8.2.130.0 is affected.
- Version 8.3.130.0 is affected.
- Version 8.2.110.0 is affected.
- Version 8.3.15.142 is affected.
- Version 8.3.111.0 is affected.
- Version 8.4.1.142 is affected.
- Version 8.6.1.71 is affected.
- Version 8.3.104.14 is affected.
- Version 8.8.125.0 is affected.
- Version 8.3.112.0 is affected.
- Version 8.2.151.0 is affected.
- Version 8.3.90.53 is affected.
- Version 8.3.102.0 is affected.
- Version 8.2.166.0 is affected.
- Version 8.2.164.0 is affected.
- Version 8.5.160.0 is affected.
- Version 8.3.15.165 is affected.
- Version 8.4.2.75 is affected.
- Version 8.3.90.58 is affected.
- Version 8.3.90.25 is affected.
- Version 8.2.141.0 is affected.
- Version 8.3.90.11 is affected.
- Version 8.3.15.169 is affected.
- Version 8.3.15.158 is affected.
- Version 8.3.15.25 is affected.
- Version 8.3.104.37 is affected.
- Version 8.4.1.91 is affected.
- Version 8.2.100.0 is affected.
- Version 8.2.121.0 is affected.
- Version 8.3.15.120 is affected.
- Version 8.3.15.118 is affected.
- Version 8.4.1.92 is affected.
- Version 8.3.200.200 is affected.
- Version 8.10.141.0 is affected.
- Version 8.10.142.0 is affected.
- Version 8.5.171.0 is affected.
- Version 8.10.150.0 is affected.
- Version 8.10.151.0 is affected.
- Version 8.5.164.0 is affected.
- Version 8.10.161.0 is affected.
- Version 8.10.162.0 is affected.
- Version 8.5.182.0 is affected.
- Version 8.10.171.0 is affected.
- Version 8.10.170.0 is affected.
- Version 8.10.180.0 is affected.
- Version 8.10.181.0 is affected.
- Version 8.10.182.0 is affected.
- Version 8.10.183.0 is affected.
- Version 8.10.185.0 is affected.
- Version 8.5.182.11 ME is affected.
- Version 17.1.1t is affected.
- Version 16.10.1s is affected.
- Version 16.10.1 is affected.
- Version 17.3.1 is affected.
- Version 16.11.1b is affected.
- Version 17.1.2 is affected.
- Version 17.1.1 is affected.
- Version 16.12.4 is affected.
- Version 17.2.2 is affected.
- Version 16.12.3 is affected.
- Version 16.11.1a is affected.
- Version 16.12.2t is affected.
- Version 16.10.1e is affected.
- Version 16.11.1 is affected.
- Version 16.11.1c is affected.
- Version 17.1.1s is affected.
- Version 16.12.3s is affected.
- Version 16.12.1s is affected.
- Version 16.12.1t is affected.
- Version 16.12.2s is affected.
- Version 17.2.1 is affected.
- Version 17.2.1a is affected.
- Version 16.12.1 is affected.
- Version 17.1.3 is affected.
- Version 17.3.2a is affected.
- Version 16.12.5 is affected.
- Version 17.3.2 is affected.
- Version 17.4.1 is affected.
- Version 16.12.4a is affected.
- Version 17.3.3 is affected.
- Version 17.2.3 is affected.
- Version 17.5.1 is affected.
- Version 17.4.2 is affected.
- Version 17.3.5 is affected.
- Version 17.3.4 is affected.
- Version 16.12.6 is affected.
- Version 17.6.1 is affected.
- Version 17.7.1 is affected.
- Version 17.6.2 is affected.
- Version 16.12.6a is affected.
- Version 17.3.4c is affected.
- Version 16.12.7 is affected.
- Version 17.3.5a is affected.
- Version 17.6.3 is affected.
- Version 17.8.1 is affected.
- Version 17.9.1 is affected.
- Version 16.12.8 is affected.
- Version 17.6.4 is affected.
- Version 17.3.5b is affected.
- Version 17.3.6 is affected.
- Version 17.10.1 is affected.
- Version 17.9.2 is affected.
- Version 17.6.5 is affected.
- Version 17.3.7 is affected.
- Version 17.9.3 is affected.
- Version 17.11.1 is affected.
- Version 17.6.6 is affected.
- Version 17.3.8 is affected.
- Version 10.3.1.0 is affected.
- Version 10.0.1.0 is affected.
- Version 10.2.1.0 is affected.
- Version 10.1.1.0 is affected.
- Version 10.3.1.1 is affected.
- Version 10.4.1.0 is affected.
- Version 10.6.1.0 is affected.
- Version 10.1.2.0 is affected.
- Version 10.0.2.0 is affected.
- Version 10.7.1.0 is affected.
- Version 10.2.2.0 is affected.
- Version 0.0.0.0 is affected.
- Version 10.3.2.0 is affected.
- Version 10.4.2.0 is affected.
- Version 10.8.1.0 is affected.
- Version 10.5.2.0 is affected.
- Version 10.9.1.0 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.