CVE-2023-20168
6.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Exploitability: 2.0 / Impact: 4.0
Source: NVD
Description
A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local attacker to cause an affected device to unexpectedly reload. This vulnerability is due to incorrect input validation when processing an authentication attempt if the directed request option is enabled for TACACS+ or RADIUS. An attacker could exploit this vulnerability by entering a crafted string at the login prompt of an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a denial of service (DoS) condition.
Affected (3)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 10.2(5) |
| Running on/with | Platform Versions |
|---|---|
Cisco Nexus 3048 | All versions |
Cisco Nexus 31108pc V | All versions |
Cisco Nexus 31108tc V | All versions |
Cisco Nexus 31128pq | All versions |
Cisco Nexus 3132c Z | All versions |
Cisco Nexus 3132q V | All versions |
Cisco Nexus 3132q Xl | All versions |
Cisco Nexus 3164q | All versions |
Cisco Nexus 3172pq | All versions |
Cisco Nexus 3172pq Xl | All versions |
Cisco Nexus 3172tq | All versions |
Cisco Nexus 3172tq 32t | All versions |
Cisco Nexus 3172tq Xl | All versions |
Cisco Nexus 3232 | All versions |
Cisco Nexus 3264c E | All versions |
Cisco Nexus 3264q | All versions |
Cisco Nexus 3408 S | All versions |
Cisco Nexus 34180yc | All versions |
Cisco Nexus 34200yc Sm | All versions |
Cisco Nexus 3432d S | All versions |
Cisco Nexus 3464c | All versions |
Cisco Nexus 3524 | All versions |
Cisco Nexus 3524 X | All versions |
Cisco Nexus 3524 Xl | All versions |
Cisco Nexus 3548 | All versions |
Cisco Nexus 3548 X | All versions |
Cisco Nexus 3548 Xl | All versions |
Cisco Nexus 36180yc R | All versions |
Cisco Nexus 9232e | All versions |
Cisco Nexus 92348gc X | All versions |
Cisco Nexus 9408 | All versions |
Cisco Nexus 9504 | All versions |
Cisco Nexus 9508 | All versions |
Cisco Nexus 9516 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cisco Mds 9000 | All versions |
Cisco Mds 9100 | All versions |
Cisco Mds 9132t | All versions |
Cisco Mds 9134 | All versions |
Cisco Mds 9140 | All versions |
Cisco Mds 9148 | All versions |
Cisco Mds 9148s | All versions |
Cisco Mds 9148t | All versions |
Cisco Mds 9200 | All versions |
Cisco Mds 9216 | All versions |
Cisco Mds 9216a | All versions |
Cisco Mds 9216i | All versions |
Cisco Mds 9222i | All versions |
Cisco Mds 9250i | All versions |
Cisco Mds 9396s | All versions |
Cisco Mds 9396t | All versions |
Cisco Mds 9500 | All versions |
Cisco Mds 9506 | All versions |
Cisco Mds 9509 | All versions |
Cisco Mds 9513 | All versions |
Cisco Mds 9700 | All versions |
Cisco Mds 9706 | All versions |
Cisco Mds 9710 | All versions |
Cisco Mds 9718 | All versions |
Cisco Nexus 1000 Virtual Edge | All versions |
Cisco Nexus 1000v | All versions |
Cisco Nexus 5500 | All versions |
Cisco Nexus 5548p | All versions |
Cisco Nexus 5548up | All versions |
Cisco Nexus 5596t | All versions |
Cisco Nexus 5596up | All versions |
Cisco Nexus 5600 | All versions |
Cisco Nexus 56128p | All versions |
Cisco Nexus 5624q | All versions |
Cisco Nexus 5648q | All versions |
Cisco Nexus 5672up | All versions |
Cisco Nexus 5672up 16g | All versions |
Cisco Nexus 5696q | All versions |
Cisco Nexus 6000 | All versions |
Cisco Nexus 6001 | All versions |
Cisco Nexus 6001p | All versions |
Cisco Nexus 6001t | All versions |
Cisco Nexus 6004 | All versions |
Cisco Nexus 6004x | All versions |
Cisco Nexus 7000 | All versions |
Cisco Nexus 7004 | All versions |
Cisco Nexus 7009 | All versions |
Cisco Nexus 7010 | All versions |
Cisco Nexus 7018 | All versions |
Related CWEs
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
CWE-20
Improper Input Validation
The product receives input or data, but it does
not validate or incorrectly validates that the input has the
properties that are required to process the data safely and
correctly.
References (2)
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.