HIGH✓ PATCH🇬🇧 English

CVE-2023-20014

CVSS 7.5v3.1pub. 2023-03-01upd. 2024-11-21

A vulnerability in the DNS functionality of Cisco Nexus Dashboard Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of DNS requests. An attacker could exploit this vulnerability by sending a continuous stream of DNS requests to an affected device. A successful exploit could allow the attacker to cause the coredns service to stop working or cause the device to reload, resulting in a DoS condition.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Cisco Nexus Dashboard

    APP
    Cisco
    < 2.3\(1c\)
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
DoS
CWE
Referencje

Powiązane podatności

CVE-2022-20858CRITICAL9.8ten sam produkt

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute a...

CVE-2022-20857CRITICAL9.8ten sam produkt

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute a...

CVE-2022-20861CRITICAL9.8ten sam produkt

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute a...

CVE-2025-20163HIGH8.7ten sam produkt

A vulnerability in the SSH implementation of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an una...

CVE-2024-20281HIGH7.5ten sam produkt

A vulnerability in the web-based management interface of Cisco Nexus Dashboard and Cisco Nexus Dashboard hoste...