A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper memory management. An attacker could exploit this vulnerability by sending a series of network requests to an affected device. A successful exploit could allow the attacker to cause the wncd process to consume available memory and eventually cause the device to reload, resulting in a DoS condition.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors Products
Cisco
  • Catalyst 9105i
  • Catalyst 9105w
  • Iw9167eh-x-ap
  • Esw6300
  • Catalyst 9120
  • Iw9167ih-x-ap
  • Ios Xe
  • Catalyst 9800-l
  • Iw9167eh-x-wgb
  • Catalyst 9115
  • Catalyst 9124d
  • Catalyst 9800-cl
  • Catalyst 9166d1
  • Catalyst Iw6300
  • Catalyst 9136
  • Catalyst 9124i
  • Catalyst 9164
  • Catalyst 9800-80
  • Catalyst 9124e
  • Catalyst 9166
  • Catalyst 9162
  • Catalyst 9130
  • Iw9167eh-x-urwb
  • Catalyst 9800-40

Configuration 1 [-]

AND
OR cpe:2.3:o:cisco:ios_xe:17.9.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:17.9.1a:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:17.9.1w:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:17.9.1x:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:17.9.1x1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:17.9.1y:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:17.9.2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:17.9.2a:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:17.9.2b:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:17.10.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:17.10.1a:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:17.10.1b:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:catalyst_9105i:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9105w:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9124d:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9124e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9124i:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9136:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9162:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9164:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9166:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9166d1:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:iw9167eh-x-ap:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:iw9167eh-x-urwb:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:iw9167eh-x-wgb:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:iw9167ih-x-ap:-:*:*:*:*:*:*:*
References
Link Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-wncd-HFGMsfSD Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: cisco

Published: 2023-09-27T17:24:05.086Z

Updated: 2024-01-25T16:57:56.871Z

Reserved: 2022-10-27T18:47:50.367Z

Link: CVE-2023-20202

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2023-09-27T18:15:11.177

Modified: 2024-01-25T17:15:35.217

Link: CVE-2023-20202

JSON object: View

cve-icon Redhat Information

No data.

CWE