CVSS: 8.6EPSS: 0%CPEs: 10EXPL: 0CVE-2023-20176
https://notcve.org/view.php?id=CVE-2023-20176
A vulnerability in the networking component of Cisco access point (AP) software could allow an unauthenticated, remote attacker to cause a temporary disruption of service. This vulnerability is due to overuse of AP resources. An attacker could exploit this vulnerability by connecting to an AP on an affected device as a wireless client and sending a high rate of traffic over an extended period of time. A successful exploit could allow the attacker to cause the Datagram TLS (DTLS) session to tear down and reset, causing a denial of service (DoS) condition. Una vulnerabilidad en el componente de red del software del punto de acceso (AP) de Cisco podría permitir que un atacante remoto no autenticado cause una interrupción temporal del servicio. Esta vulnerabilidad se debe al uso excesivo de los recursos AP. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-click-ap-dos-wdcXkvnQ • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.4EPSS: 0%CPEs: 62EXPL: 0CVE-2023-20112 – Cisco Access Point Software Association Request Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-20112
A vulnerability in Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this vulnerability by sending a wireless 802.11 association request frame with crafted parameters to an affected device. A successful exploit could allow the attacker to cause an unexpected reload of an affected device, resulting in a DoS condition. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-assoc-dos-D2SunWK2 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •