CVE-2023-20226
First published: Wed Sep 27 2023(Updated: )
A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to the mishandling of a crafted packet stream through the AppQoE or UTD application. An attacker could exploit this vulnerability by sending a crafted packet stream through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
Credit: ykramarz@cisco.com ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS XE | =17.7.1 | |
| Cisco IOS XE | =17.7.1a | |
| Cisco IOS XE | =17.7.2 | |
| Cisco IOS XE | =17.8.1 | |
| Cisco IOS XE | =17.8.1a | |
| Cisco IOS XE | =17.9.1 | |
| Cisco IOS XE | =17.9.1a | |
| Cisco IOS XE | =17.9.2 | |
| Cisco IOS XE | =17.9.2a | |
| Cisco IOS XE | =17.10.1 | |
| Cisco IOS XE | =17.10.1a | |
| Cisco Catalyst 8000v Edge | ||
| Cisco 1100-4g Integrated Services Router | ||
| Cisco 1100-4gltegb Integrated Services Router | ||
| Cisco 1100-4gltena Integrated Services Router | ||
| Cisco 1100-6g Integrated Services Router | ||
| Cisco 4221 Integrated Services Router | ||
| Cisco 4321\/k9-rf Integrated Services Router | ||
| Cisco 4321\/k9-ws Integrated Services Router | ||
| Cisco 4321\/k9 Integrated Services Router | ||
| Cisco 4321 Integrated Services Router | ||
| Cisco 4331\/k9-rf Integrated Services Router | ||
| Cisco 4331\/k9-ws Integrated Services Router | ||
| Cisco 4331\/k9 Integrated Services Router | ||
| Cisco 4331 Integrated Services Router | ||
| Cisco 4351\/k9-rf Integrated Services Router | ||
| Cisco 4351\/k9-ws Integrated Services Router | ||
| Cisco 4351\/k9 Integrated Services Router | ||
| Cisco 4351 Integrated Services Router | ||
| Cisco 4431 Integrated Services Router | ||
| Cisco C8200-1n-4t | ||
| Cisco C8200l-1n-4t | ||
| Cisco C8500l-8s4x | ||
| Cisco Catalyst 8300-1n1s-4t2x | ||
| Cisco Catalyst 8300-1n1s-6t | ||
| Cisco Catalyst 8300-2n2s-4t2x | ||
| Cisco Catalyst 8300-2n2s-6t | ||
| Cisco Catalyst Ir8340 | ||
| All of | ||
| Any of | ||
| Cisco IOS XE | =17.7.1 | |
| Cisco IOS XE | =17.7.1a | |
| Cisco IOS XE | =17.7.2 | |
| Cisco IOS XE | =17.8.1 | |
| Cisco IOS XE | =17.8.1a | |
| Cisco IOS XE | =17.9.1 | |
| Cisco IOS XE | =17.9.1a | |
| Cisco IOS XE | =17.9.2 | |
| Cisco IOS XE | =17.9.2a | |
| Cisco IOS XE | =17.10.1 | |
| Cisco IOS XE | =17.10.1a | |
| Any of | ||
| Cisco Catalyst 8000v Edge | ||
| Cisco 1100-4g Integrated Services Router | ||
| Cisco 1100-4gltegb Integrated Services Router | ||
| Cisco 1100-4gltena Integrated Services Router | ||
| Cisco 1100-6g Integrated Services Router | ||
| Cisco 4221 Integrated Services Router | ||
| Cisco 4321\/k9-rf Integrated Services Router | ||
| Cisco 4321\/k9-ws Integrated Services Router | ||
| Cisco 4321\/k9 Integrated Services Router | ||
| Cisco 4321 Integrated Services Router | ||
| Cisco 4331\/k9-rf Integrated Services Router | ||
| Cisco 4331\/k9-ws Integrated Services Router | ||
| Cisco 4331\/k9 Integrated Services Router | ||
| Cisco 4331 Integrated Services Router | ||
| Cisco 4351\/k9-rf Integrated Services Router | ||
| Cisco 4351\/k9-ws Integrated Services Router | ||
| Cisco 4351\/k9 Integrated Services Router | ||
| Cisco 4351 Integrated Services Router | ||
| Cisco 4431 Integrated Services Router | ||
| Cisco C8200-1n-4t | ||
| Cisco C8200l-1n-4t | ||
| Cisco C8500l-8s4x | ||
| Cisco Catalyst 8300-1n1s-4t2x | ||
| Cisco Catalyst 8300-1n1s-6t | ||
| Cisco Catalyst 8300-2n2s-4t2x | ||
| Cisco Catalyst 8300-2n2s-6t | ||
| Cisco Catalyst Ir8340 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-20226?
CVE-2023-20226 is a vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
What is the severity of CVE-2023-20226?
CVE-2023-20226 has a severity rating of 7.5, which is considered high.
How does CVE-2023-20226 affect Cisco IOS XE Software?
CVE-2023-20226 affects Cisco IOS XE Software versions 17.7.1, 17.7.1a, 17.7.2, 17.8.1, 17.8.1a, 17.9.1, 17.9.1a, 17.9.2, 17.9.2a, 17.10.1, and 17.10.1a.
How can an unauthenticated, remote attacker exploit CVE-2023-20226?
An unauthenticated, remote attacker can exploit CVE-2023-20226 to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.
Where can I find more information about CVE-2023-20226?
You can find more information about CVE-2023-20226 on the Cisco Security Advisory website: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appqoe-utd-dos-p8O57p5y
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/cisco
- canonical/cisco ios xe
- version/cisco ios xe/17.7.1
- version/cisco ios xe/17.7.1a
- version/cisco ios xe/17.7.2
- version/cisco ios xe/17.8.1
- version/cisco ios xe/17.8.1a
- version/cisco ios xe/17.9.1
- version/cisco ios xe/17.9.1a
- version/cisco ios xe/17.9.2
- version/cisco ios xe/17.9.2a
- version/cisco ios xe/17.10.1
- version/cisco ios xe/17.10.1a
- canonical/cisco catalyst 8000v edge
- canonical/cisco 1100-4g integrated services router
- canonical/cisco 1100-4gltegb integrated services router
- canonical/cisco 1100-4gltena integrated services router
- canonical/cisco 1100-6g integrated services router
- canonical/cisco 4221 integrated services router
- canonical/cisco 4321\/k9-rf integrated services router
- canonical/cisco 4321\/k9-ws integrated services router
- canonical/cisco 4321\/k9 integrated services router
- canonical/cisco 4321 integrated services router
- canonical/cisco 4331\/k9-rf integrated services router
- canonical/cisco 4331\/k9-ws integrated services router
- canonical/cisco 4331\/k9 integrated services router
- canonical/cisco 4331 integrated services router
- canonical/cisco 4351\/k9-rf integrated services router
- canonical/cisco 4351\/k9-ws integrated services router
- canonical/cisco 4351\/k9 integrated services router
- canonical/cisco 4351 integrated services router
- canonical/cisco 4431 integrated services router
- canonical/cisco c8200-1n-4t
- canonical/cisco c8200l-1n-4t
- canonical/cisco c8500l-8s4x
- canonical/cisco catalyst 8300-1n1s-4t2x
- canonical/cisco catalyst 8300-1n1s-6t
- canonical/cisco catalyst 8300-2n2s-4t2x
- canonical/cisco catalyst 8300-2n2s-6t
- canonical/cisco catalyst ir8340