CVE-2023-20168: Input Validation
First published: Wed Aug 23 2023(Updated: )
A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local attacker to cause an affected device to unexpectedly reload. This vulnerability is due to incorrect input validation when processing an authentication attempt if the directed request option is enabled for TACACS+ or RADIUS. An attacker could exploit this vulnerability by entering a crafted string at the login prompt of an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a denial of service (DoS) condition.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Any of | ||
| Cisco NX-OS | =9.3\(11\) | |
| Cisco NX-OS | =10.2\(5\) | |
| Any of | ||
| Cisco Nexus 3048 Firmware | ||
| Cisco Nexus 31108PC-V Firmware | ||
| Cisco Nexus 31108TC-V Firmware | ||
| Cisco Nexus 31128PQ | ||
| Cisco Nexus 3132C-Z Firmware | ||
| Cisco Nexus 3132Q-V Firmware | ||
| Cisco Nexus 3132Q-XL Firmware | ||
| Cisco Nexus 3164Q Firmware | ||
| Cisco Nexus 3172PQ/PQ-XL | ||
| Cisco Nexus 3172PQ-XL Firmware | ||
| Cisco Nexus 3172TQ Firmware | ||
| Cisco Nexus 3172TQ-XL | ||
| Cisco Nexus 3172TQ-XL Firmware | ||
| Cisco Nexus 3232 | ||
| Cisco Nexus 3264C-E Firmware | ||
| Cisco Nexus 3264Q Firmware | ||
| Cisco Nexus 3408-S Firmware | ||
| Cisco Nexus 34180YC Firmware | ||
| Cisco Nexus 34200YC-SM Firmware | ||
| Cisco Nexus 3432D-S Firmware | ||
| Cisco Nexus 3464C Firmware | ||
| Cisco Nexus 3524-xl | ||
| Cisco Nexus 3524-xl | ||
| Cisco Nexus 3524-XL Firmware | ||
| Cisco Nexus 3548-X/XL Firmware | ||
| Cisco Nexus 3548-X/XL | ||
| Cisco Nexus 3548-X/XL | ||
| Cisco Nexus 36180YC-R Firmware | ||
| Cisco Nexus 9232E | ||
| Cisco Nexus 92348GC-X Switch | ||
| Cisco Nexus 9408 | ||
| Cisco Nexus 9504 firmware | ||
| Cisco Nexus 9508 | ||
| Cisco Nexus 9516 firmware | ||
| All of | ||
| Cisco NX-OS | ||
| Any of | ||
| Cisco MDS 9000 Series Multilayer Switches | ||
| Cisco MDS 9100 | ||
| Cisco MDS 9132T | ||
| Cisco MDS 9134 | ||
| Cisco MDS 9140 | ||
| Cisco MDS 9148 | ||
| Cisco MDS 9148S | ||
| Cisco MDS 9148T | ||
| Cisco MDS 9200 | ||
| Cisco MDS 9216 | ||
| Cisco MDS 9216 | ||
| Cisco MDS 9216 | ||
| Cisco MDS 9222i | ||
| Cisco MDS 9250i | ||
| Cisco MDS 9396S | ||
| Cisco MDS 9396T | ||
| Cisco MDS 9500 | ||
| Cisco MDS 9500 | ||
| Cisco MDS 9500 | ||
| Cisco MDS 9513 Firmware | ||
| Cisco MDS 9700 | ||
| Cisco MDS 9706 Firmware | ||
| Cisco MDS 9710 Firmware | ||
| Cisco MDS 9718 Firmware | ||
| Cisco Nexus 1000V Switch for VMware vSphere | ||
| Cisco Nexus 1000V for Hyper-V | ||
| Cisco Nexus 1000V | ||
| Cisco NX-OS for Nexus 5500 Platform Switches | ||
| Cisco Nexus 5548P Firmware | ||
| Cisco Nexus 5548UP Firmware | ||
| Cisco Nexus 5596T Firmware | ||
| Cisco Nexus 5596UP Firmware | ||
| Cisco Nexus 5600 Firmware | ||
| Cisco 56128p | ||
| Cisco Nexus 5624Q Firmware | ||
| Cisco Nexus 5648Q Firmware | ||
| Cisco Nexus 5672UP-16G | ||
| Cisco Nexus 5672UP-16G Firmware | ||
| Cisco Nexus 5696Q Firmware | ||
| Cisco Nexus 6000 firmware | ||
| Cisco Nexus 6001 Firmware | ||
| Cisco Nexus 6001P Firmware | ||
| Cisco Nexus 6001T Firmware | ||
| Cisco Nexus 6004 Firmware | ||
| Cisco Nexus 6004X Firmware | ||
| Cisco NEXUS 7000 Series Switch | ||
| Cisco Nexus 7004 Firmware | ||
| Cisco Nexus 7009 Firmware | ||
| Cisco Nexus 7010 Firmware | ||
| Cisco Nexus 7018 Firmware | ||
| Cisco NX-OS | =9.3\(11\) | |
| Cisco NX-OS | =10.2\(5\) | |
| Cisco Nexus 3048 Firmware | ||
| Cisco Nexus 31108PC-V Firmware | ||
| Cisco Nexus 31108TC-V Firmware | ||
| Cisco Nexus 31128PQ | ||
| Cisco Nexus 3132C-Z Firmware | ||
| Cisco Nexus 3132Q-V Firmware | ||
| Cisco Nexus 3132Q-XL Firmware | ||
| Cisco Nexus 3164Q Firmware | ||
| Cisco Nexus 3172PQ/PQ-XL | ||
| Cisco Nexus 3172PQ-XL Firmware | ||
| Cisco Nexus 3172TQ Firmware | ||
| Cisco Nexus 3172TQ-XL | ||
| Cisco Nexus 3172TQ-XL Firmware | ||
| Cisco Nexus 3232 | ||
| Cisco Nexus 3264C-E Firmware | ||
| Cisco Nexus 3264Q Firmware | ||
| Cisco Nexus 3408-S Firmware | ||
| Cisco Nexus 34180YC Firmware | ||
| Cisco Nexus 34200YC-SM Firmware | ||
| Cisco Nexus 3432D-S Firmware | ||
| Cisco Nexus 3464C Firmware | ||
| Cisco Nexus 3524-xl | ||
| Cisco Nexus 3524-xl | ||
| Cisco Nexus 3524-XL Firmware | ||
| Cisco Nexus 3548-X/XL Firmware | ||
| Cisco Nexus 3548-X/XL | ||
| Cisco Nexus 3548-X/XL | ||
| Cisco Nexus 36180YC-R Firmware | ||
| Cisco Nexus 9232E | ||
| Cisco Nexus 92348GC-X Switch | ||
| Cisco Nexus 9408 | ||
| Cisco Nexus 9504 firmware | ||
| Cisco Nexus 9508 | ||
| Cisco Nexus 9516 firmware | ||
| Cisco NX-OS | ||
| Cisco MDS 9000 Series Multilayer Switches | ||
| Cisco MDS 9100 | ||
| Cisco MDS 9132T | ||
| Cisco MDS 9134 | ||
| Cisco MDS 9140 | ||
| Cisco MDS 9148 | ||
| Cisco MDS 9148S | ||
| Cisco MDS 9148T | ||
| Cisco MDS 9200 | ||
| Cisco MDS 9216 | ||
| Cisco MDS 9216 | ||
| Cisco MDS 9216 | ||
| Cisco MDS 9222i | ||
| Cisco MDS 9250i | ||
| Cisco MDS 9396S | ||
| Cisco MDS 9396T | ||
| Cisco MDS 9500 | ||
| Cisco MDS 9500 | ||
| Cisco MDS 9500 | ||
| Cisco MDS 9513 Firmware | ||
| Cisco MDS 9700 | ||
| Cisco MDS 9706 Firmware | ||
| Cisco MDS 9710 Firmware | ||
| Cisco MDS 9718 Firmware | ||
| Cisco Nexus 1000V Switch for VMware vSphere | ||
| Cisco Nexus 1000V for Hyper-V | ||
| Cisco Nexus 1000V | ||
| Cisco NX-OS for Nexus 5500 Platform Switches | ||
| Cisco Nexus 5548P Firmware | ||
| Cisco Nexus 5548UP Firmware | ||
| Cisco Nexus 5596T Firmware | ||
| Cisco Nexus 5596UP Firmware | ||
| Cisco Nexus 5600 Firmware | ||
| Cisco 56128p | ||
| Cisco Nexus 5624Q Firmware | ||
| Cisco Nexus 5648Q Firmware | ||
| Cisco Nexus 5672UP-16G | ||
| Cisco Nexus 5672UP-16G Firmware | ||
| Cisco Nexus 5696Q Firmware | ||
| Cisco Nexus 6000 firmware | ||
| Cisco Nexus 6001 Firmware | ||
| Cisco Nexus 6001P Firmware | ||
| Cisco Nexus 6001T Firmware | ||
| Cisco Nexus 6004 Firmware | ||
| Cisco Nexus 6004X Firmware | ||
| Cisco NEXUS 7000 Series Switch | ||
| Cisco Nexus 7004 Firmware | ||
| Cisco Nexus 7009 Firmware | ||
| Cisco Nexus 7010 Firmware | ||
| Cisco Nexus 7018 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-20168?
CVE-2023-20168 is rated as high severity due to its potential to allow an unauthenticated local attacker to cause a device reload.
How do I fix CVE-2023-20168?
To fix CVE-2023-20168, upgrade to the recommended fixed versions of Cisco NX-OS, specifically versions 9.3(11) or 10.2(5).
Who is affected by CVE-2023-20168?
CVE-2023-20168 affects devices running vulnerable Cisco NX-OS Software versions including 9.3(11) and 10.2(5).
What impact does CVE-2023-20168 have?
CVE-2023-20168 can lead to a denial of service by causing a device to unexpectedly reload.
Is there a workaround for CVE-2023-20168?
Currently, there are no known workarounds for CVE-2023-20168; applying the software updates is recommended.
- agent/type
- agent/severity
- agent/references
- agent/first-publish-date
- agent/event
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/source
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/cisco
- canonical/cisco nx-os
- version/cisco nx-os/9.3\(11\)
- version/cisco nx-os/10.2\(5\)
- canonical/cisco nexus 3048 firmware
- canonical/cisco nexus 31108pc-v firmware
- canonical/cisco nexus 31108tc-v firmware
- canonical/cisco nexus 31128pq
- canonical/cisco nexus 3132c-z firmware
- canonical/cisco nexus 3132q-v firmware
- canonical/cisco nexus 3132q-xl firmware
- canonical/cisco nexus 3164q firmware
- canonical/cisco nexus 3172pq/pq-xl
- canonical/cisco nexus 3172pq-xl firmware
- canonical/cisco nexus 3172tq firmware
- canonical/cisco nexus 3172tq-xl
- canonical/cisco nexus 3172tq-xl firmware
- canonical/cisco nexus 3232
- canonical/cisco nexus 3264c-e firmware
- canonical/cisco nexus 3264q firmware
- canonical/cisco nexus 3408-s firmware
- canonical/cisco nexus 34180yc firmware
- canonical/cisco nexus 34200yc-sm firmware
- canonical/cisco nexus 3432d-s firmware
- canonical/cisco nexus 3464c firmware
- canonical/cisco nexus 3524-xl
- canonical/cisco nexus 3524-xl firmware
- canonical/cisco nexus 3548-x/xl firmware
- canonical/cisco nexus 3548-x/xl
- canonical/cisco nexus 36180yc-r firmware
- canonical/cisco nexus 9232e
- canonical/cisco nexus 92348gc-x switch
- canonical/cisco nexus 9408
- canonical/cisco nexus 9504 firmware
- canonical/cisco nexus 9508
- canonical/cisco nexus 9516 firmware
- canonical/cisco mds 9000 series multilayer switches
- canonical/cisco mds 9100
- canonical/cisco mds 9132t
- canonical/cisco mds 9134
- canonical/cisco mds 9140
- canonical/cisco mds 9148
- canonical/cisco mds 9148s
- canonical/cisco mds 9148t
- canonical/cisco mds 9200
- canonical/cisco mds 9216
- canonical/cisco mds 9222i
- canonical/cisco mds 9250i
- canonical/cisco mds 9396s
- canonical/cisco mds 9396t
- canonical/cisco mds 9500
- canonical/cisco mds 9513 firmware
- canonical/cisco mds 9700
- canonical/cisco mds 9706 firmware
- canonical/cisco mds 9710 firmware
- canonical/cisco mds 9718 firmware
- canonical/cisco nexus 1000v switch for vmware vsphere
- canonical/cisco nexus 1000v for hyper-v
- canonical/cisco nexus 1000v
- canonical/cisco nx-os for nexus 5500 platform switches
- canonical/cisco nexus 5548p firmware
- canonical/cisco nexus 5548up firmware
- canonical/cisco nexus 5596t firmware
- canonical/cisco nexus 5596up firmware
- canonical/cisco nexus 5600 firmware
- canonical/cisco 56128p
- canonical/cisco nexus 5624q firmware
- canonical/cisco nexus 5648q firmware
- canonical/cisco nexus 5672up-16g
- canonical/cisco nexus 5672up-16g firmware
- canonical/cisco nexus 5696q firmware
- canonical/cisco nexus 6000 firmware
- canonical/cisco nexus 6001 firmware
- canonical/cisco nexus 6001p firmware
- canonical/cisco nexus 6001t firmware
- canonical/cisco nexus 6004 firmware
- canonical/cisco nexus 6004x firmware
- canonical/cisco nexus 7000 series switch
- canonical/cisco nexus 7004 firmware
- canonical/cisco nexus 7009 firmware
- canonical/cisco nexus 7010 firmware
- canonical/cisco nexus 7018 firmware