Input validation error in Cisco Systems, Inc products - CVE-2023-20200
Published: August 25, 2023
Vulnerability identifier: #VU79993
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2023-20200
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco FXOS
UCS 6300 Series Fabric Interconnects
Firepower 4100 Series Security Appliances
Firepower 9300 Series Security Appliances
Cisco UCS
Cisco FXOS
UCS 6300 Series Fabric Interconnects
Firepower 4100 Series Security Appliances
Firepower 9300 Series Security Appliances
Cisco UCS
Detailed vulnerability description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in the Simple Network Management Protocol (SNMP) service. A remote user can send a specially crafted SNMP request and perform a denial of service (DoS) attack.
How to mitigate CVE-2023-20200
Install update from vendor's website.