CVE-2023-20226
Summary
| CVE | CVE-2023-20226 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-09-27 18:15:00 UTC |
| Updated | 2024-01-25 17:15:00 UTC |
| Description | A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to the mishandling of a crafted packet stream through the AppQoE or UTD application. An attacker could exploit this vulnerability by sending a crafted packet stream through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Cisco | 1100-4gltegb Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 1100-4gltena Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 1100-4g Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 1100-6g Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 4221 Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 4321/k9-rf Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 4321/k9-ws Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 4321/k9 Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 4321 Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 4331/k9-rf Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 4331/k9-ws Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 4331/k9 Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 4331 Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 4351/k9-rf Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 4351/k9-ws Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 4351/k9 Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 4351 Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 4431 Integrated Services Router | - | All | All | All |
| Hardware | Cisco | C8200-1n-4t | - | All | All | All |
| Hardware | Cisco | C8200l-1n-4t | - | All | All | All |
| Hardware | Cisco | C8500l-8s4x | - | All | All | All |
| Application | Cisco | Catalyst 8000v Edge | - | All | All | All |
| Hardware | Cisco | Catalyst 8300-1n1s-4t2x | - | All | All | All |
| Hardware | Cisco | Catalyst 8300-1n1s-6t | - | All | All | All |
| Hardware | Cisco | Catalyst 8300-2n2s-4t2x | - | All | All | All |
| Hardware | Cisco | Catalyst 8300-2n2s-6t | - | All | All | All |
| Hardware | Cisco | Catalyst Ir8340 | - | All | All | All |
| Operating System | Cisco | Ios Xe | 17.10.1 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.10.1a | All | All | All |
| Operating System | Cisco | Ios Xe | 17.7.1 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.7.1a | All | All | All |
| Operating System | Cisco | Ios Xe | 17.7.2 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.8.1 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.8.1a | All | All | All |
| Operating System | Cisco | Ios Xe | 17.9.1 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.9.1a | All | All | All |
| Operating System | Cisco | Ios Xe | 17.9.2 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.9.2a | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco IOS XE Software Application Quality of Experience and Unified Threat Defense Denial of Service Vulnerability | MISC | sec.cloudapps.cisco.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 317365 Cisco Internetwork Operating System (IOS) XE Software Application Quality of Experience and Unified Threat Defense Denial of Service (DoS) Vulnerability (cisco-sa-appqoe-utd-dos-p8O57p5y)