How severe is CVE-2023-20116?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.7 out of 10.

What type of vulnerability is CVE-2023-20116?

This is classified as CWE-835, which is a common weakness in software security.

CVE-2023-20116 - MEDIUM Severity | CVSS 5.7

Vulnerability Description

A vulnerability in the Administrative XML Web Service (AXL) API of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of user-supplied input to the web UI of the Self Care Portal. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.

Related Vulnerabilities

CVE-2017-17131

MEDIUM

CVSS:5.7(Medium)

Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V600R006C00; TE50 V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00; VP9660 V500R002C10 have an DoS vulnerability due ...

CWE-8352017

CVE-2017-9310

MEDIUM

CVSS:5.6(Medium)

QEMU (aka Quick Emulator), when built with the e1000e NIC emulation support, allows local guest OS privileged users to cause a denial of service (infinite loop) via vectors related to setting the init...

CWE-8352017

CVE-2017-9330

MEDIUM

CVSS:5.6(Medium)

QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value...

CWE-8352017

CVE-2010-0207

MEDIUM

CVSS:5.5(Medium)

In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers.

CWE-8352010

CVE-2011-4621

MEDIUM

CVSS:5.5(Medium)

The Linux kernel before 2.6.37 does not properly implement a certain clock-update optimization, which allows local users to cause a denial of service (system hang) via an application that executes cod...

CWE-8352011

CVE-2012-0248

MEDIUM

CVSS:5.5(Medium)

ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the ID...

CWE-8352012