{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-20168","assignerOrgId":"d1c1063e-7a18-46af-9102-31f8928bc633","state":"PUBLISHED","assignerShortName":"cisco","dateReserved":"2022-10-27T18:47:50.362Z","datePublished":"2023-08-23T18:07:53.428Z","dateUpdated":"2024-08-02T09:05:35.038Z"},"containers":{"cna":{"providerMetadata":{"orgId":"d1c1063e-7a18-46af-9102-31f8928bc633","shortName":"cisco","dateUpdated":"2024-01-25T16:57:48.712Z"},"descriptions":[{"lang":"en","value":"A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local attacker to cause an affected device to unexpectedly reload. This vulnerability is due to incorrect input validation when processing an authentication attempt if the directed request option is enabled for TACACS+ or RADIUS. An attacker could exploit this vulnerability by entering a crafted string at the login prompt of an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. "}],"affected":[{"vendor":"Cisco","product":"Cisco NX-OS Software","versions":[{"version":"4.2(1)SV1(4)","status":"affected"},{"version":"4.2(1)SV1(4a)","status":"affected"},{"version":"4.2(1)SV1(4b)","status":"affected"},{"version":"4.2(1)SV1(5.1)","status":"affected"},{"version":"4.2(1)SV1(5.1a)","status":"affected"},{"version":"4.2(1)SV1(5.2)","status":"affected"},{"version":"4.2(1)SV1(5.2b)","status":"affected"},{"version":"4.2(1)SV2(1.1)","status":"affected"},{"version":"4.2(1)SV2(1.1a)","status":"affected"},{"version":"4.2(1)SV2(2.1)","status":"affected"},{"version":"4.2(1)SV2(2.1a)","status":"affected"},{"version":"4.2(1)SV2(2.2)","status":"affected"},{"version":"4.2(1)SV2(2.3)","status":"affected"},{"version":"5.2(1)SM1(5.1)","status":"affected"},{"version":"5.2(1)SM1(5.2)","status":"affected"},{"version":"5.2(1)SM1(5.2a)","status":"affected"},{"version":"5.2(1)SM1(5.2b)","status":"affected"},{"version":"5.2(1)SM1(5.2c)","status":"affected"},{"version":"5.2(1)SM3(1.1)","status":"affected"},{"version":"5.2(1)SM3(1.1a)","status":"affected"},{"version":"5.2(1)SM3(1.1b)","status":"affected"},{"version":"5.2(1)SM3(1.1c)","status":"affected"},{"version":"5.2(1)SM3(2.1)","status":"affected"},{"version":"5.2(1)SV3(1.4)","status":"affected"},{"version":"5.2(1)SV3(1.1)","status":"affected"},{"version":"5.2(1)SV3(1.3)","status":"affected"},{"version":"5.2(1)SV3(1.5a)","status":"affected"},{"version":"5.2(1)SV3(1.5b)","status":"affected"},{"version":"5.2(1)SV3(1.6)","status":"affected"},{"version":"5.2(1)SV3(1.10)","status":"affected"},{"version":"5.2(1)SV3(1.15)","status":"affected"},{"version":"5.2(1)SV3(2.1)","status":"affected"},{"version":"5.2(1)SV3(2.5)","status":"affected"},{"version":"5.2(1)SV3(2.8)","status":"affected"},{"version":"5.2(1)SV3(3.1)","status":"affected"},{"version":"5.2(1)SV3(1.2)","status":"affected"},{"version":"5.2(1)SV3(1.4b)","status":"affected"},{"version":"5.2(1)SV3(3.15)","status":"affected"},{"version":"5.2(1)SV3(4.1)","status":"affected"},{"version":"5.2(1)SV3(4.1a)","status":"affected"},{"version":"5.2(1)SV3(4.1b)","status":"affected"},{"version":"5.2(1)SV3(4.1c)","status":"affected"},{"version":"6.0(2)A3(1)","status":"affected"},{"version":"6.0(2)A3(2)","status":"affected"},{"version":"6.0(2)A3(4)","status":"affected"},{"version":"6.0(2)A4(1)","status":"affected"},{"version":"6.0(2)A4(2)","status":"affected"},{"version":"6.0(2)A4(3)","status":"affected"},{"version":"6.0(2)A4(4)","status":"affected"},{"version":"6.0(2)A4(5)","status":"affected"},{"version":"6.0(2)A4(6)","status":"affected"},{"version":"6.0(2)A6(1)","status":"affected"},{"version":"6.0(2)A6(1a)","status":"affected"},{"version":"6.0(2)A6(2)","status":"affected"},{"version":"6.0(2)A6(2a)","status":"affected"},{"version":"6.0(2)A6(3)","status":"affected"},{"version":"6.0(2)A6(3a)","status":"affected"},{"version":"6.0(2)A6(4)","status":"affected"},{"version":"6.0(2)A6(4a)","status":"affected"},{"version":"6.0(2)A6(5)","status":"affected"},{"version":"6.0(2)A6(5a)","status":"affected"},{"version":"6.0(2)A6(5b)","status":"affected"},{"version":"6.0(2)A6(6)","status":"affected"},{"version":"6.0(2)A6(7)","status":"affected"},{"version":"6.0(2)A6(8)","status":"affected"},{"version":"6.0(2)A7(1)","status":"affected"},{"version":"6.0(2)A7(1a)","status":"affected"},{"version":"6.0(2)A7(2)","status":"affected"},{"version":"6.0(2)A7(2a)","status":"affected"},{"version":"6.0(2)A8(1)","status":"affected"},{"version":"6.0(2)A8(2)","status":"affected"},{"version":"6.0(2)A8(3)","status":"affected"},{"version":"6.0(2)A8(4)","status":"affected"},{"version":"6.0(2)A8(4a)","status":"affected"},{"version":"6.0(2)A8(5)","status":"affected"},{"version":"6.0(2)A8(6)","status":"affected"},{"version":"6.0(2)A8(7)","status":"affected"},{"version":"6.0(2)A8(7a)","status":"affected"},{"version":"6.0(2)A8(7b)","status":"affected"},{"version":"6.0(2)A8(8)","status":"affected"},{"version":"6.0(2)A8(9)","status":"affected"},{"version":"6.0(2)A8(10a)","status":"affected"},{"version":"6.0(2)A8(10)","status":"affected"},{"version":"6.0(2)A8(11)","status":"affected"},{"version":"6.0(2)A8(11a)","status":"affected"},{"version":"6.0(2)A8(11b)","status":"affected"},{"version":"6.0(2)U2(1)","status":"affected"},{"version":"6.0(2)U2(2)","status":"affected"},{"version":"6.0(2)U2(3)","status":"affected"},{"version":"6.0(2)U2(4)","status":"affected"},{"version":"6.0(2)U2(5)","status":"affected"},{"version":"6.0(2)U2(6)","status":"affected"},{"version":"6.0(2)U3(1)","status":"affected"},{"version":"6.0(2)U3(2)","status":"affected"},{"version":"6.0(2)U3(3)","status":"affected"},{"version":"6.0(2)U3(4)","status":"affected"},{"version":"6.0(2)U3(5)","status":"affected"},{"version":"6.0(2)U3(6)","status":"affected"},{"version":"6.0(2)U3(7)","status":"affected"},{"version":"6.0(2)U3(8)","status":"affected"},{"version":"6.0(2)U3(9)","status":"affected"},{"version":"6.0(2)U4(1)","status":"affected"},{"version":"6.0(2)U4(2)","status":"affected"},{"version":"6.0(2)U4(3)","status":"affected"},{"version":"6.0(2)U4(4)","status":"affected"},{"version":"6.0(2)U5(1)","status":"affected"},{"version":"6.0(2)U5(2)","status":"affected"},{"version":"6.0(2)U5(3)","status":"affected"},{"version":"6.0(2)U5(4)","status":"affected"},{"version":"6.0(2)U6(1)","status":"affected"},{"version":"6.0(2)U6(2)","status":"affected"},{"version":"6.0(2)U6(3)","status":"affected"},{"version":"6.0(2)U6(4)","status":"affected"},{"version":"6.0(2)U6(5)","status":"affected"},{"version":"6.0(2)U6(6)","status":"affected"},{"version":"6.0(2)U6(7)","status":"affected"},{"version":"6.0(2)U6(8)","status":"affected"},{"version":"6.0(2)U6(1a)","status":"affected"},{"version":"6.0(2)U6(2a)","status":"affected"},{"version":"6.0(2)U6(3a)","status":"affected"},{"version":"6.0(2)U6(4a)","status":"affected"},{"version":"6.0(2)U6(5a)","status":"affected"},{"version":"6.0(2)U6(5b)","status":"affected"},{"version":"6.0(2)U6(5c)","status":"affected"},{"version":"6.0(2)U6(9)","status":"affected"},{"version":"6.0(2)U6(10)","status":"affected"},{"version":"6.2(2)","status":"affected"},{"version":"6.2(2a)","status":"affected"},{"version":"6.2(6)","status":"affected"},{"version":"6.2(6b)","status":"affected"},{"version":"6.2(8)","status":"affected"},{"version":"6.2(8a)","status":"affected"},{"version":"6.2(8b)","status":"affected"},{"version":"6.2(10)","status":"affected"},{"version":"6.2(12)","status":"affected"},{"version":"6.2(18)","status":"affected"},{"version":"6.2(16)","status":"affected"},{"version":"6.2(14)","status":"affected"},{"version":"6.2(6a)","status":"affected"},{"version":"6.2(20)","status":"affected"},{"version":"6.2(1)","status":"affected"},{"version":"6.2(3)","status":"affected"},{"version":"6.2(5)","status":"affected"},{"version":"6.2(5a)","status":"affected"},{"version":"6.2(5b)","status":"affected"},{"version":"6.2(7)","status":"affected"},{"version":"6.2(9)","status":"affected"},{"version":"6.2(9a)","status":"affected"},{"version":"6.2(9b)","status":"affected"},{"version":"6.2(9c)","status":"affected"},{"version":"6.2(11)","status":"affected"},{"version":"6.2(11b)","status":"affected"},{"version":"6.2(11c)","status":"affected"},{"version":"6.2(11d)","status":"affected"},{"version":"6.2(11e)","status":"affected"},{"version":"6.2(13)","status":"affected"},{"version":"6.2(13a)","status":"affected"},{"version":"6.2(13b)","status":"affected"},{"version":"6.2(15)","status":"affected"},{"version":"6.2(17)","status":"affected"},{"version":"6.2(19)","status":"affected"},{"version":"6.2(21)","status":"affected"},{"version":"6.2(23)","status":"affected"},{"version":"6.2(20a)","status":"affected"},{"version":"6.2(25)","status":"affected"},{"version":"6.2(22)","status":"affected"},{"version":"6.2(27)","status":"affected"},{"version":"6.2(29)","status":"affected"},{"version":"6.2(24)","status":"affected"},{"version":"6.2(31)","status":"affected"},{"version":"6.2(24a)","status":"affected"},{"version":"6.2(33)","status":"affected"},{"version":"7.0(3)F1(1)","status":"affected"},{"version":"7.0(3)F2(1)","status":"affected"},{"version":"7.0(3)F2(2)","status":"affected"},{"version":"7.0(3)F3(1)","status":"affected"},{"version":"7.0(3)F3(2)","status":"affected"},{"version":"7.0(3)F3(3)","status":"affected"},{"version":"7.0(3)F3(3a)","status":"affected"},{"version":"7.0(3)F3(4)","status":"affected"},{"version":"7.0(3)F3(3c)","status":"affected"},{"version":"7.0(3)F3(5)","status":"affected"},{"version":"7.0(3)I2(2a)","status":"affected"},{"version":"7.0(3)I2(2b)","status":"affected"},{"version":"7.0(3)I2(2c)","status":"affected"},{"version":"7.0(3)I2(2d)","status":"affected"},{"version":"7.0(3)I2(2e)","status":"affected"},{"version":"7.0(3)I2(3)","status":"affected"},{"version":"7.0(3)I2(4)","status":"affected"},{"version":"7.0(3)I2(5)","status":"affected"},{"version":"7.0(3)I2(1)","status":"affected"},{"version":"7.0(3)I2(1a)","status":"affected"},{"version":"7.0(3)I2(2)","status":"affected"},{"version":"7.0(3)I3(1)","status":"affected"},{"version":"7.0(3)I4(1)","status":"affected"},{"version":"7.0(3)I4(2)","status":"affected"},{"version":"7.0(3)I4(3)","status":"affected"},{"version":"7.0(3)I4(4)","status":"affected"},{"version":"7.0(3)I4(5)","status":"affected"},{"version":"7.0(3)I4(6)","status":"affected"},{"version":"7.0(3)I4(7)","status":"affected"},{"version":"7.0(3)I4(8)","status":"affected"},{"version":"7.0(3)I4(8a)","status":"affected"},{"version":"7.0(3)I4(8b)","status":"affected"},{"version":"7.0(3)I4(8z)","status":"affected"},{"version":"7.0(3)I4(9)","status":"affected"},{"version":"7.0(3)I5(1)","status":"affected"},{"version":"7.0(3)I5(2)","status":"affected"},{"version":"7.0(3)I6(1)","status":"affected"},{"version":"7.0(3)I6(2)","status":"affected"},{"version":"7.0(3)I7(1)","status":"affected"},{"version":"7.0(3)I7(2)","status":"affected"},{"version":"7.0(3)I7(3)","status":"affected"},{"version":"7.0(3)I7(4)","status":"affected"},{"version":"7.0(3)I7(5)","status":"affected"},{"version":"7.0(3)I7(5a)","status":"affected"},{"version":"7.0(3)I7(6)","status":"affected"},{"version":"7.0(3)I7(7)","status":"affected"},{"version":"7.0(3)I7(8)","status":"affected"},{"version":"7.0(3)I7(9)","status":"affected"},{"version":"7.0(3)I7(10)","status":"affected"},{"version":"7.1(0)N1(1a)","status":"affected"},{"version":"7.1(0)N1(1b)","status":"affected"},{"version":"7.1(0)N1(1)","status":"affected"},{"version":"7.1(1)N1(1)","status":"affected"},{"version":"7.1(2)N1(1)","status":"affected"},{"version":"7.1(3)N1(1)","status":"affected"},{"version":"7.1(3)N1(2)","status":"affected"},{"version":"7.1(4)N1(1)","status":"affected"},{"version":"7.1(5)N1(1)","status":"affected"},{"version":"7.1(5)N1(1b)","status":"affected"},{"version":"7.2(0)D1(1)","status":"affected"},{"version":"7.2(1)D1(1)","status":"affected"},{"version":"7.2(2)D1(2)","status":"affected"},{"version":"7.2(2)D1(1)","status":"affected"},{"version":"7.3(0)D1(1)","status":"affected"},{"version":"7.3(0)DX(1)","status":"affected"},{"version":"7.3(0)DY(1)","status":"affected"},{"version":"7.3(0)N1(1)","status":"affected"},{"version":"7.3(1)D1(1)","status":"affected"},{"version":"7.3(1)DY(1)","status":"affected"},{"version":"7.3(1)N1(1)","status":"affected"},{"version":"7.3(2)D1(1)","status":"affected"},{"version":"7.3(2)D1(2)","status":"affected"},{"version":"7.3(2)D1(3)","status":"affected"},{"version":"7.3(2)D1(3a)","status":"affected"},{"version":"7.3(2)N1(1)","status":"affected"},{"version":"7.3(3)N1(1)","status":"affected"},{"version":"8.0(1)","status":"affected"},{"version":"8.1(1)","status":"affected"},{"version":"8.1(2)","status":"affected"},{"version":"8.1(2a)","status":"affected"},{"version":"8.1(1a)","status":"affected"},{"version":"8.1(1b)","status":"affected"},{"version":"8.2(1)","status":"affected"},{"version":"8.2(2)","status":"affected"},{"version":"8.2(3)","status":"affected"},{"version":"8.2(4)","status":"affected"},{"version":"8.2(5)","status":"affected"},{"version":"8.2(6)","status":"affected"},{"version":"8.2(7)","status":"affected"},{"version":"8.2(7a)","status":"affected"},{"version":"8.2(8)","status":"affected"},{"version":"8.2(9)","status":"affected"},{"version":"8.3(1)","status":"affected"},{"version":"8.3(2)","status":"affected"},{"version":"9.2(1)","status":"affected"},{"version":"9.2(2)","status":"affected"},{"version":"9.2(2t)","status":"affected"},{"version":"9.2(3)","status":"affected"},{"version":"9.2(4)","status":"affected"},{"version":"9.2(2v)","status":"affected"},{"version":"9.2(1a)","status":"affected"},{"version":"7.3(4)N1(1)","status":"affected"},{"version":"7.3(3)D1(1)","status":"affected"},{"version":"7.3(4)D1(1)","status":"affected"},{"version":"7.3(5)N1(1)","status":"affected"},{"version":"5.2(1)SK3(1.1)","status":"affected"},{"version":"5.2(1)SK3(2.1)","status":"affected"},{"version":"5.2(1)SK3(2.2)","status":"affected"},{"version":"5.2(1)SK3(2.2b)","status":"affected"},{"version":"5.2(1)SK3(2.1a)","status":"affected"},{"version":"5.2(1)SV5(1.1)","status":"affected"},{"version":"5.2(1)SV5(1.2)","status":"affected"},{"version":"5.2(1)SV5(1.3)","status":"affected"},{"version":"5.2(1)SV5(1.3a)","status":"affected"},{"version":"5.2(1)SV5(1.3b)","status":"affected"},{"version":"5.2(1)SV5(1.3c)","status":"affected"},{"version":"8.4(1)","status":"affected"},{"version":"8.4(1a)","status":"affected"},{"version":"8.4(2)","status":"affected"},{"version":"8.4(2a)","status":"affected"},{"version":"8.4(3)","status":"affected"},{"version":"8.4(2b)","status":"affected"},{"version":"8.4(4)","status":"affected"},{"version":"8.4(2c)","status":"affected"},{"version":"8.4(4a)","status":"affected"},{"version":"8.4(5)","status":"affected"},{"version":"8.4(2d)","status":"affected"},{"version":"8.4(6)","status":"affected"},{"version":"8.4(2e)","status":"affected"},{"version":"8.4(6a)","status":"affected"},{"version":"8.4(7)","status":"affected"},{"version":"8.4(2f)","status":"affected"},{"version":"9.3(1)","status":"affected"},{"version":"9.3(2)","status":"affected"},{"version":"9.3(3)","status":"affected"},{"version":"9.3(4)","status":"affected"},{"version":"9.3(5)","status":"affected"},{"version":"9.3(6)","status":"affected"},{"version":"9.3(7)","status":"affected"},{"version":"9.3(7a)","status":"affected"},{"version":"9.3(8)","status":"affected"},{"version":"9.3(9)","status":"affected"},{"version":"9.3(10)","status":"affected"},{"version":"9.3(11)","status":"affected"},{"version":"7.3(6)N1(1)","status":"affected"},{"version":"7.3(5)D1(1)","status":"affected"},{"version":"7.3(7)N1(1)","status":"affected"},{"version":"7.3(7)N1(1a)","status":"affected"},{"version":"7.3(7)N1(1b)","status":"affected"},{"version":"7.3(6)D1(1)","status":"affected"},{"version":"7.3(8)N1(1)","status":"affected"},{"version":"7.3(7)D1(1)","status":"affected"},{"version":"7.3(9)N1(1)","status":"affected"},{"version":"10.1(1)","status":"affected"},{"version":"10.1(2)","status":"affected"},{"version":"10.1(2t)","status":"affected"},{"version":"8.5(1)","status":"affected"},{"version":"7.3(10)N1(1)","status":"affected"},{"version":"7.3(8)D1(1)","status":"affected"},{"version":"10.2(1)","status":"affected"},{"version":"10.2(1q)","status":"affected"},{"version":"10.2(2)","status":"affected"},{"version":"10.2(3)","status":"affected"},{"version":"10.2(3t)","status":"affected"},{"version":"10.2(4)","status":"affected"},{"version":"10.2(5)","status":"affected"},{"version":"7.3(9)D1(1)","status":"affected"},{"version":"7.3(11)N1(1)","status":"affected"},{"version":"7.3(12)N1(1)","status":"affected"},{"version":"10.3(1)","status":"affected"},{"version":"10.3(2)","status":"affected"},{"version":"7.3(13)N1(1)","status":"affected"}]}],"problemTypes":[{"descriptions":[{"lang":"en","description":"Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')","type":"cwe","cweId":"CWE-120"}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-remoteauth-dos-XB6pv74m","name":"cisco-sa-nxos-remoteauth-dos-XB6pv74m"}],"metrics":[{"format":"cvssV3_1","cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"}}],"exploits":[{"lang":"en","value":"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}],"source":{"advisory":"cisco-sa-nxos-remoteauth-dos-XB6pv74m","discovery":"EXTERNAL","defects":["CSCwe72368","CSCwe72670","CSCwe72648","CSCwe72673","CSCwe72674"]}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T09:05:35.038Z"},"title":"CVE Program Container","references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-remoteauth-dos-XB6pv74m","name":"cisco-sa-nxos-remoteauth-dos-XB6pv74m","tags":["x_transferred"]}]}]}}