CVE-2023-20112 - Vulnerability Details

A vulnerability in Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this vulnerability by sending a wireless 802.11 association request frame with crafted parameters to an affected device. A successful exploit could allow the attacker to cause an unexpected reload of an affected device, resulting in a DoS condition.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.0005.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Cisco	Business 150ax Business 150ax Firmware Business 151axm Business 151axm Firmware Catalyst 9105ax Catalyst 9105ax Firmware Catalyst 9105axi Catalyst 9105axi Firmware Catalyst 9105axw Catalyst 9105axw Firmware Catalyst 9105i Catalyst 9105i Firmware Catalyst 9105w Catalyst 9105w Firmware Catalyst 9115 Catalyst 9115 Firmware Catalyst 9115ax Catalyst 9115ax Firmware Catalyst 9115axe Catalyst 9115axe Firmware Catalyst 9115axi Catalyst 9115axi Firmware Catalyst 9117 Catalyst 9117 Firmware Catalyst 9117ax Catalyst 9117ax Firmware Catalyst 9117axi Catalyst 9117axi Firmware Catalyst 9120 Catalyst 9120 Firmware Catalyst 9120ax Catalyst 9120ax Firmware Catalyst 9120axe Catalyst 9120axe Firmware Catalyst 9120axi Catalyst 9120axi Firmware Catalyst 9120axp Catalyst 9120axp Firmware Catalyst 9124 Catalyst 9124 Firmware Catalyst 9124ax Catalyst 9124ax Firmware Catalyst 9124axd Catalyst 9124axd Firmware Catalyst 9124axi Catalyst 9124axi Firmware Catalyst 9130 Catalyst 9130 Firmware Catalyst 9130ax Catalyst 9130ax Firmware Catalyst 9130axe Catalyst 9130axe Firmware Catalyst 9130axi Catalyst 9130axi Firmware Catalyst 9136 Catalyst 9136 Firmware Catalyst 9162 Catalyst 9162 Firmware Catalyst 9164 Catalyst 9164 Firmware Catalyst 9166 Catalyst 9166 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:cisco:business_150ax_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:business_150ax:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:cisco:business_151axm_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:business_151axm:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:cisco:catalyst_9105ax_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9105ax:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:cisco:catalyst_9105axi_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:cisco:catalyst_9105axw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:cisco:catalyst_9105i_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9105i:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:cisco:catalyst_9105w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9105w:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:cisco:catalyst_9115_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:cisco:catalyst_9115ax_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9115ax:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:cisco:catalyst_9115axe_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:cisco:catalyst_9115axi_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:cisco:catalyst_9117_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:cisco:catalyst_9117ax_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9117ax:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:cisco:catalyst_9117axi_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:cisco:catalyst_9120_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:cisco:catalyst_9120ax_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9120ax:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:cisco:catalyst_9120axe_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:cisco:catalyst_9120axi_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:cisco:catalyst_9120axp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:cisco:catalyst_9124_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:cisco:catalyst_9124ax_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9124ax:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:cisco:catalyst_9124axd_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:cisco:catalyst_9124axi_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:cisco:catalyst_9130_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:cisco:catalyst_9130ax_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9130ax:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:cisco:catalyst_9130axe_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:cisco:catalyst_9130axi_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:cisco:catalyst_9136_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9136:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:cisco:catalyst_9162_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9162:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:cisco:catalyst_9164_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9164:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:cisco:catalyst_9166_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9166:-:*:*:*:*:*:*:*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2023-24291	A vulnerability in Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this vulnerability by sending a wireless 802.11 association request frame with crafted parameters to an affected device. A successful exploit could allow the attacker to cause an unexpected reload of an affected device, resulting in a DoS condition.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-assoc-dos-D2SunWK2

History

Fri, 25 Oct 2024 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2023-03-23T00:00:00

Updated: 2024-10-25T16:02:04.798Z

Reserved: 2022-10-27T00:00:00

Link: CVE-2023-20112

Vulnrichment

Updated: 2024-08-02T08:57:35.895Z

NVD

Status : Modified

Published: 2023-03-23T17:15:15.267

Modified: 2024-11-21T07:40:34.933

Link: CVE-2023-20112

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object