How severe is CVE-2023-20226?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2023-20226?

This is classified as CWE-456, which is a common weakness in software security.

CVE-2023-20226 - HIGH Severity | CVSS 7.5

Vulnerability Description

A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to the mishandling of a crafted packet stream through the AppQoE or UTD application. An attacker could exploit this vulnerability by sending a crafted packet stream through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Related Vulnerabilities

CVE-2019-3836

HIGH

CVSS:7.5(High)

It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.

CWE-4562019

CVE-2024-32878

HIGH

CVSS:7.1(High)

Llama.cpp is LLM inference in C/C++. There is a use of uninitialized heap variable vulnerability in gguf_init_from_file, the code will free this uninitialized variable later. In a simple POC, it will ...

CWE-4562024

CVE-2021-34703

MEDIUM

CVSS:6.5(Medium)

A vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a reload of an affected device, resulting ...

CWE-4562021

CVE-2018-14641

MEDIUM

CVSS:5.9(Medium)

A security flaw was found in the ip_frag_reasm() function in net/ipv4/ip_fragment.c in the Linux kernel from 4.19-rc1 to 4.19-rc3 inclusive, which can cause a later system crash in ip_do_fragment(). W...

CWE-4562018

CVE-2021-40403

MEDIUM

CVSS:5.8(Medium)

An information disclosure vulnerability exists in the pick-and-place rotation parsing functionality of Gerbv 2.7.0 and dev (commit b5f1eacd), and Gerbv forked 2.8.0. A specially-crafted pick-and-place...

CWE-4562021

CVE-2019-3836

HIGH

CVSS:7.5(High)

It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.

CWE-4562019