Input validation error in Cisco Systems, Inc Other software

#VU81288 Input validation error in Cisco Systems, Inc Other software

Published: 2023-09-29

Vulnerability identifier: #VU81288

Vulnerability risk: High

CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-20226

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco IOS XE
Operating systems & Components / Operating system
4200 Series Integrated Services Routers
Hardware solutions / Routers & switches, VoIP, GSM, etc
4300 Series Integrated Services Routers
Hardware solutions / Routers & switches, VoIP, GSM, etc
Catalyst 8000V Edge Software
Hardware solutions / Routers & switches, VoIP, GSM, etc
Catalyst 8200 Series Edge Platforms
Hardware solutions / Routers & switches, VoIP, GSM, etc
Catalyst 8300 Series Edge Platforms
Hardware solutions / Routers & switches, VoIP, GSM, etc
Catalyst 8500L Series Edge Platforms
Hardware solutions / Routers & switches, VoIP, GSM, etc
ISR1100 Series Routers
Hardware solutions / Routers & switches, VoIP, GSM, etc
Catalyst IR8300 Rugged Series Router
Other software / Other software solutions

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD). A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Cisco IOS XE: 17.9.1 - sdwan-17.9.2

4200 Series Integrated Services Routers: All versions

4300 Series Integrated Services Routers: All versions

Catalyst 8000V Edge Software: All versions

Catalyst 8200 Series Edge Platforms: All versions

Catalyst 8300 Series Edge Platforms: All versions

Catalyst 8500L Series Edge Platforms: All versions

Catalyst IR8300 Rugged Series Router: All versions

ISR1100 Series Routers: All versions

External links
http://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appqoe-utd-dos-p8O57p5y

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Denial of service in Cisco IOS XE Software