CVE-2023-20112

Published: Mar 23, 2023Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

A vulnerability in Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this vulnerability by sending a wireless 802.11 association request frame with crafted parameters to an affected device. A successful exploit could allow the attacker to cause an unexpected reload of an affected device, resulting in a DoS condition.

Affected (31)

Cisco

31 products

Business 150ax Firmware

Business 151axm Firmware

Catalyst 9105ax Firmware

Catalyst 9105axi Firmware

Catalyst 9105axw Firmware

Catalyst 9105i Firmware

Catalyst 9105w Firmware

Catalyst 9115 Firmware

Catalyst 9115ax Firmware

Catalyst 9115axe Firmware

Catalyst 9115axi Firmware

Catalyst 9117 Firmware

Catalyst 9117ax Firmware

Catalyst 9117axi Firmware

Catalyst 9120 Firmware

Catalyst 9120ax Firmware

Catalyst 9120axe Firmware

Catalyst 9120axi Firmware

Catalyst 9120axp Firmware

Catalyst 9124 Firmware

Catalyst 9124ax Firmware

Catalyst 9124axd Firmware

Catalyst 9124axi Firmware

Catalyst 9130 Firmware

Catalyst 9130ax Firmware

Catalyst 9130axe Firmware

Catalyst 9130axi Firmware

Catalyst 9136 Firmware

Catalyst 9162 Firmware

Catalyst 9164 Firmware

Catalyst 9166 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Business 150ax Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Business 150ax	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Business 151axm Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Business 151axm	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9105ax Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9105ax	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9105axi Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9105axi	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9105axw Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9105axw	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9105i Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9105i	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9105w Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9105w	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9115 Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9115	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9115ax Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9115ax	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9115axe Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9115axe	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9115axi Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9115axi	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9117 Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9117	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9117ax Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9117ax	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9117axi Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9117axi	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9120 Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9120	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9120ax Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9120ax	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9120axe Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9120axe	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9120axi Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9120axi	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9120axp Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9120axp	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9124 Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9124	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9124ax Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9124ax	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9124axd Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9124axd	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9124axi Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9124axi	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9130 Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9130	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9130ax Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9130ax	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9130axe Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9130axe	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9130axi Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9130axi	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9136 Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9136	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9162 Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9162	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9164 Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9164	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9166 Firmware	Before 10.3.2.0

Running on/with	Platform Versions
Cisco Catalyst 9166	All versions

Related CWEs

CWE-125

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

CWE-126

Buffer Over-read

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

References (2)

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-assoc-dos-D2SunWK2

Source: psirt@cisco.com

Vendor Advisory

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-assoc-dos-D2SunWK2

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.