CVE-2023-20243
First published: Wed Sep 06 2023(Updated: )
A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the affected system to stop processing RADIUS packets. This vulnerability is due to improper handling of certain RADIUS accounting requests. An attacker could exploit this vulnerability by sending a crafted authentication request to a network access device (NAD) that uses Cisco ISE for authentication, authorization, and accounting (AAA). This would eventually result in the NAD sending a RADIUS accounting request packet to Cisco ISE. An attacker could also exploit this vulnerability by sending a crafted RADIUS accounting request packet to Cisco ISE directly if the RADIUS shared secret is known. A successful exploit could allow the attacker to cause the RADIUS process to unexpectedly restart, resulting in authentication or authorization timeouts and denying legitimate users access to the network or service. Clients already authenticated to the network would not be affected. Note: To recover the ability to process RADIUS packets, a manual restart of the affected Policy Service Node (PSN) may be required. For more information, see the Details ["#details"] section of this advisory.
Credit: ykramarz@cisco.com ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Identity Services Engine | =3.1 | |
| Cisco Identity Services Engine | =3.1-patch1 | |
| Cisco Identity Services Engine | =3.1-patch2 | |
| Cisco Identity Services Engine | =3.1-patch3 | |
| Cisco Identity Services Engine | =3.1-patch4 | |
| Cisco Identity Services Engine | =3.1-patch5 | |
| Cisco Identity Services Engine | =3.1-patch6 | |
| Cisco Identity Services Engine | =3.2 | |
| Cisco Identity Services Engine | =3.2-patch1 | |
| Cisco Identity Services Engine | =3.2-patch2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-20243?
CVE-2023-20243 is a vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) that could allow an unauthenticated, remote attacker to cause the affected system to stop processing RADIUS packets.
How does CVE-2023-20243 affect Cisco Identity Services Engine?
CVE-2023-20243 affects Cisco Identity Services Engine by causing it to stop processing RADIUS packets.
What is the severity of CVE-2023-20243?
The severity of CVE-2023-20243 is high with a CVSS score of 8.6.
How can an attacker exploit CVE-2023-20243?
An attacker can exploit CVE-2023-20243 by sending specially crafted RADIUS accounting requests to the affected system.
Is there a fix for CVE-2023-20243?
Yes, Cisco has released patches to address the vulnerability in Cisco Identity Services Engine.
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/cisco
- canonical/cisco identity services engine
- version/cisco identity services engine/3.1
- version/cisco identity services engine/3.1-patch1
- version/cisco identity services engine/3.1-patch2
- version/cisco identity services engine/3.1-patch3
- version/cisco identity services engine/3.1-patch4
- version/cisco identity services engine/3.1-patch5
- version/cisco identity services engine/3.1-patch6
- version/cisco identity services engine/3.2
- version/cisco identity services engine/3.2-patch1
- version/cisco identity services engine/3.2-patch2