CVE-2023-20169
Severity Score
7.4
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco NX-OS Software for the Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly restart, which could cause an affected device to reload.
This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to the unexpected restart of the IS-IS process, which could cause the affected device to reload. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2 adjacent to the affected device.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-10-27 CVE Reserved
- 2023-08-23 CVE Published
- 2024-01-26 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-788: Access of Memory Location After End of Buffer
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3048 Search vendor "Cisco" for product "Nexus 3048" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 31108pc-v Search vendor "Cisco" for product "Nexus 31108pc-v" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 31108tc-v Search vendor "Cisco" for product "Nexus 31108tc-v" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 31128pq Search vendor "Cisco" for product "Nexus 31128pq" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3132c-z Search vendor "Cisco" for product "Nexus 3132c-z" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3132q-v Search vendor "Cisco" for product "Nexus 3132q-v" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3132q-xl Search vendor "Cisco" for product "Nexus 3132q-xl" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3164q Search vendor "Cisco" for product "Nexus 3164q" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3172pq Search vendor "Cisco" for product "Nexus 3172pq" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3172pq-xl Search vendor "Cisco" for product "Nexus 3172pq-xl" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3172tq Search vendor "Cisco" for product "Nexus 3172tq" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3172tq-32t Search vendor "Cisco" for product "Nexus 3172tq-32t" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3172tq-xl Search vendor "Cisco" for product "Nexus 3172tq-xl" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3232 Search vendor "Cisco" for product "Nexus 3232" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3264c-e Search vendor "Cisco" for product "Nexus 3264c-e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3264q Search vendor "Cisco" for product "Nexus 3264q" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3408-s Search vendor "Cisco" for product "Nexus 3408-s" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 34180yc Search vendor "Cisco" for product "Nexus 34180yc" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 34200yc-sm Search vendor "Cisco" for product "Nexus 34200yc-sm" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3432d-s Search vendor "Cisco" for product "Nexus 3432d-s" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3464c Search vendor "Cisco" for product "Nexus 3464c" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3524 Search vendor "Cisco" for product "Nexus 3524" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3524-x Search vendor "Cisco" for product "Nexus 3524-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3524-xl Search vendor "Cisco" for product "Nexus 3524-xl" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3548 Search vendor "Cisco" for product "Nexus 3548" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3548-x Search vendor "Cisco" for product "Nexus 3548-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3548-xl Search vendor "Cisco" for product "Nexus 3548-xl" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 36180yc-r Search vendor "Cisco" for product "Nexus 36180yc-r" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9232e Search vendor "Cisco" for product "Nexus 9232e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 92348gc-x Search vendor "Cisco" for product "Nexus 92348gc-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9408 Search vendor "Cisco" for product "Nexus 9408" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9504 Search vendor "Cisco" for product "Nexus 9504" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9508 Search vendor "Cisco" for product "Nexus 9508" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 10.3\(2\) Search vendor "Cisco" for product "Nx-os" and version "10.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9516 Search vendor "Cisco" for product "Nexus 9516" | - | - |
Safe
|