CVE-2023-20213

 

  • Severity Score (CVSS v3.1): 4.3
  • Exploit Likelihood (EPSS):
  • Affected Versions (CPE):
  • Public Exploits (Multiple Sources): 0
  • Exploited in Wild (KEV): -
  • Decision (SSVC): -

Descriptions

A vulnerability in the CDP processing feature of Cisco ISE could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of the CDP process on an affected device. This vulnerability is due to insufficient bounds checking when an affected device processes CDP traffic. An attacker could exploit this vulnerability by sending crafted CDP traffic to the device. A successful exploit could cause the CDP process to crash, impacting neighbor discovery and the ability of Cisco ISE to determine the reachability of remote devices. After a crash, the CDP process must be manually restarted using the cdp enable command in interface configuration mode.

*Credits: N/A
CVSS Scores
  • Attack Vector: Adjacent
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: None
  • Integrity: None
  • Availability: Low
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2022-10-27 CVE Reserved
  • 2023-11-01 CVE Published
  • 2023-11-15 EPSS Updated
  • 2024-08-02 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-787: Out-of-bounds Write
CAPEC
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
Cisco | Identity Services Engine | 2.7.0 | - | Affected
Cisco | Identity Services Engine | 2.7.0 | patch1 | Affected
Cisco | Identity Services Engine | 2.7.0 | patch2 | Affected
Cisco | Identity Services Engine | 2.7.0 | patch3 | Affected
Cisco | Identity Services Engine | 2.7.0 | patch4 | Affected
Cisco | Identity Services Engine | 2.7.0 | patch5 | Affected
Cisco | Identity Services Engine | 2.7.0 | patch6 | Affected
Cisco | Identity Services Engine | 2.7.0 | patch7 | Affected
Cisco | Identity Services Engine | 2.7.0 | patch8 | Affected
Cisco | Identity Services Engine | 2.7.0 | patch9 | Affected
Cisco | Identity Services Engine | 3.0.0 | - | Affected
Cisco | Identity Services Engine | 3.0.0 | patch1 | Affected
Cisco | Identity Services Engine | 3.0.0 | patch2 | Affected
Cisco | Identity Services Engine | 3.0.0 | patch3 | Affected
Cisco | Identity Services Engine | 3.0.0 | patch4 | Affected
Cisco | Identity Services Engine | 3.0.0 | patch5 | Affected
Cisco | Identity Services Engine | 3.0.0 | patch6 | Affected
Cisco | Identity Services Engine | 3.1 | - | Affected
Cisco | Identity Services Engine | 3.1 | patch1 | Affected
Cisco | Identity Services Engine | 3.1 | patch2 | Affected
Cisco | Identity Services Engine | 3.1 | patch3 | Affected
Cisco | Identity Services Engine | 3.1 | patch4 | Affected
Cisco | Identity Services Engine | 3.1 | patch5 | Affected
Cisco | Identity Services Engine | 3.2 | - | Affected
Cisco | Identity Services Engine | 3.2 | patch1 | Affected