Description
A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local attacker to cause an affected device to unexpectedly reload. This vulnerability is due to incorrect input validation when processing an authentication attempt if the directed request option is enabled for TACACS+ or RADIUS. An attacker could exploit this vulnerability by entering a crafted string at the login prompt of an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a denial of service (DoS) condition.
Published: 2023-08-23
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2023-24347 A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local attacker to cause an affected device to unexpectedly reload. This vulnerability is due to incorrect input validation when processing an authentication attempt if the directed request option is enabled for TACACS+ or RADIUS. An attacker could exploit this vulnerability by entering a crafted string at the login prompt of an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a denial of service (DoS) condition.
History

No history.

Subscriptions

Cisco Mds 9000 Mds 9100 Mds 9132t Mds 9134 Mds 9140 Mds 9148 Mds 9148s Mds 9148t Mds 9200 Mds 9216 Mds 9216a Mds 9216i Mds 9222i Mds 9250i Mds 9396s Mds 9396t Mds 9500 Mds 9506 Mds 9509 Mds 9513 Mds 9700 Mds 9706 Mds 9710 Mds 9718 Nexus 1000 Virtual Edge Nexus 1000v Nexus 3048 Nexus 31108pc-v Nexus 31108tc-v Nexus 31128pq Nexus 3132c-z Nexus 3132q-v Nexus 3132q-xl Nexus 3164q Nexus 3172pq Nexus 3172pq-xl Nexus 3172tq Nexus 3172tq-32t Nexus 3172tq-xl Nexus 3232 Nexus 3264c-e Nexus 3264q Nexus 3408-s Nexus 34180yc Nexus 34200yc-sm Nexus 3432d-s Nexus 3464c Nexus 3524 Nexus 3524-x Nexus 3524-xl Nexus 3548 Nexus 3548-x Nexus 3548-xl Nexus 36180yc-r Nexus 5500 Nexus 5548p Nexus 5548up Nexus 5596t Nexus 5596up Nexus 5600 Nexus 56128p Nexus 5624q Nexus 5648q Nexus 5672up Nexus 5672up-16g Nexus 5696q Nexus 6000 Nexus 6001 Nexus 6001p Nexus 6001t Nexus 6004 Nexus 6004x Nexus 7000 Nexus 7004 Nexus 7009 Nexus 7010 Nexus 7018 Nexus 9232e Nexus 92348gc-x Nexus 9408 Nexus 9504 Nexus 9508 Nexus 9516 Nx-os
cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2024-08-02T09:05:35.038Z

Reserved: 2022-10-27T18:47:50.362Z

Link: CVE-2023-20168

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-08-23T19:15:07.777

Modified: 2024-11-21T07:40:43.873

Link: CVE-2023-20168

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses