How severe is CVE-2023-20200?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.3 out of 10.

What type of vulnerability is CVE-2023-20200?

This is classified as CWE-835, which is a common weakness in software security.

CVE-2023-20200

MEDIUM Year: 2023

CVSS v3 Score

6.3

Medium

Weakness Type

CWE-835

View all →

Vulnerability Description

A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software for Firepower 4100 Series and Firepower 9300 Security Appliances and of Cisco UCS 6300 Series Fabric Interconnects could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to the improper handling of specific SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects all supported SNMP versions. To exploit this vulnerability through SNMPv2c or earlier, an attacker must know the SNMP community string that is configured on an affected device. To exploit this vulnerability through SNMPv3, the attacker must have valid credentials for an SNMP user who is configured on the affected device.

CVE-2019-3900

MEDIUM

CVSS:6.3(Medium)

An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets fa...

CWE-8352019

CVE-2024-27032

MEDIUM

CVSS:6.3(Medium)

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential panic during recovery During recovery, if FAULT_BLOCK is on, it is possible that f2fs_reserve_new_block...

CWE-8352024

CVE-2015-8785

MEDIUM

CVSS:6.2(Medium)

The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length...

CWE-8352015

CVE-2022-48635

MEDIUM

CVSS:6.2(Medium)

In the Linux kernel, the following vulnerability has been resolved: fsdax: Fix infinite loop in dax_iomap_rw() I got an infinite loop and a WARNING report when executing a tail command in virtiofs. WA...

CWE-8352022

CVE-2024-2397

MEDIUM

CVSS:6.2(Medium)

Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This problem does not affect any tcpdump rel...

CWE-8352024

CVE-2010-1282

MEDIUM

CVSS:6.5(Medium)

Adobe Shockwave Player before 11.5.7.609 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted ATOM size in a .dir (aka Director) file.

CWE-8352010

CVE-2023-20200

Vulnerability Description

Related Vulnerabilities

CVE-2019-3900

CVE-2024-27032

CVE-2015-8785

CVE-2022-48635

CVE-2024-2397

CVE-2010-1282