7.1

CVE-2023-20168

A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local attacker to cause an affected device to unexpectedly reload. This vulnerability is due to incorrect input validation when processing an authentication attempt if the directed request option is enabled for TACACS+ or RADIUS. An attacker could exploit this vulnerability by entering a crafted string at the login prompt of an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a denial of service (DoS) condition.

Data is provided by the National Vulnerability Database (NVD)
CiscoNx-os Version9.3(11)
   CiscoNexus 3048 Version-
   CiscoNexus 31108pc-v Version-
   CiscoNexus 31108tc-v Version-
   CiscoNexus 31128pq Version-
   CiscoNexus 3132c-z Version-
   CiscoNexus 3132q-v Version-
   CiscoNexus 3132q-xl Version-
   CiscoNexus 3164q Version-
   CiscoNexus 3172pq Version-
   CiscoNexus 3172pq-xl Version-
   CiscoNexus 3172tq Version-
   CiscoNexus 3172tq-32t Version-
   CiscoNexus 3172tq-xl Version-
   CiscoNexus 3232 Version-
   CiscoNexus 3264c-e Version-
   CiscoNexus 3264q Version-
   CiscoNexus 3408-s Version-
   CiscoNexus 34180yc Version-
   CiscoNexus 34200yc-sm Version-
   CiscoNexus 3432d-s Version-
   CiscoNexus 3464c Version-
   CiscoNexus 3524 Version-
   CiscoNexus 3524-x Version-
   CiscoNexus 3524-xl Version-
   CiscoNexus 3548 Version-
   CiscoNexus 3548-x Version-
   CiscoNexus 3548-xl Version-
   CiscoNexus 36180yc-r Version-
   CiscoNexus 9232e Version-
   CiscoNexus 92348gc-x Version-
   CiscoNexus 9408 Version-
   CiscoNexus 9504 Version-
   CiscoNexus 9508 Version-
   CiscoNexus 9516 Version-
CiscoNx-os Version10.2(5)
   CiscoNexus 3048 Version-
   CiscoNexus 31108pc-v Version-
   CiscoNexus 31108tc-v Version-
   CiscoNexus 31128pq Version-
   CiscoNexus 3132c-z Version-
   CiscoNexus 3132q-v Version-
   CiscoNexus 3132q-xl Version-
   CiscoNexus 3164q Version-
   CiscoNexus 3172pq Version-
   CiscoNexus 3172pq-xl Version-
   CiscoNexus 3172tq Version-
   CiscoNexus 3172tq-32t Version-
   CiscoNexus 3172tq-xl Version-
   CiscoNexus 3232 Version-
   CiscoNexus 3264c-e Version-
   CiscoNexus 3264q Version-
   CiscoNexus 3408-s Version-
   CiscoNexus 34180yc Version-
   CiscoNexus 34200yc-sm Version-
   CiscoNexus 3432d-s Version-
   CiscoNexus 3464c Version-
   CiscoNexus 3524 Version-
   CiscoNexus 3524-x Version-
   CiscoNexus 3524-xl Version-
   CiscoNexus 3548 Version-
   CiscoNexus 3548-x Version-
   CiscoNexus 3548-xl Version-
   CiscoNexus 36180yc-r Version-
   CiscoNexus 9232e Version-
   CiscoNexus 92348gc-x Version-
   CiscoNexus 9408 Version-
   CiscoNexus 9504 Version-
   CiscoNexus 9508 Version-
   CiscoNexus 9516 Version-
CiscoNx-os Version-
   CiscoMds 9000 Version-
   CiscoMds 9100 Version-
   CiscoMds 9132t Version-
   CiscoMds 9134 Version-
   CiscoMds 9140 Version-
   CiscoMds 9148 Version-
   CiscoMds 9148s Version-
   CiscoMds 9148t Version-
   CiscoMds 9200 Version-
   CiscoMds 9216 Version-
   CiscoMds 9216a Version-
   CiscoMds 9216i Version-
   CiscoMds 9222i Version-
   CiscoMds 9250i Version-
   CiscoMds 9396s Version-
   CiscoMds 9396t Version-
   CiscoMds 9500 Version-
   CiscoMds 9506 Version-
   CiscoMds 9509 Version-
   CiscoMds 9513 Version-
   CiscoMds 9700 Version-
   CiscoMds 9706 Version-
   CiscoMds 9710 Version-
   CiscoMds 9718 Version-
   CiscoNexus 1000 Virtual Edge Version- SwPlatformvmware_vsphere
   CiscoNexus 1000v Version- SwPlatformmicrosoft_hyper-v
   CiscoNexus 1000v Version- SwPlatformvmware_vsphere
   CiscoNexus 5500 Version-
   CiscoNexus 5548p Version-
   CiscoNexus 5548up Version-
   CiscoNexus 5596t Version-
   CiscoNexus 5596up Version-
   CiscoNexus 5600 Version-
   CiscoNexus 56128p Version-
   CiscoNexus 5624q Version-
   CiscoNexus 5648q Version-
   CiscoNexus 5672up Version-
   CiscoNexus 5672up-16g Version-
   CiscoNexus 5696q Version-
   CiscoNexus 6000 Version-
   CiscoNexus 6001 Version-
   CiscoNexus 6001p Version-
   CiscoNexus 6001t Version-
   CiscoNexus 6004 Version-
   CiscoNexus 6004x Version-
   CiscoNexus 7000 Version-
   CiscoNexus 7004 Version-
   CiscoNexus 7009 Version-
   CiscoNexus 7010 Version-
   CiscoNexus 7018 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.11% 0.259
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.5 2 4
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
psirt@cisco.com 7.1 2.5 4
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.