CVE-2023-20200

HIGH

Cisco FXOS Software - DoS

Title source: llm

Description

A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software for Firepower 4100 Series and Firepower 9300 Security Appliances and of Cisco UCS 6300 Series Fabric Interconnects could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to the improper handling of specific SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects all supported SNMP versions. To exploit this vulnerability through SNMPv2c or earlier, an attacker must know the SNMP community string that is configured on an affected device. To exploit this vulnerability through SNMPv3, the attacker must have valid credentials for an SNMP user who is configured on the affected device.

References (1)

[Vendor Advisory] https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fp-ucsfi-snmp-dos-qtv69NAO

Scores

CVSS v3 7.7

EPSS 0.0053

EPSS Percentile 67.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-732 CWE-835

Status published

Products (8)

cisco/firepower_4112_firmware

cisco/firepower_4115

cisco/firepower_4125_firmware

cisco/firepower_4143_firmware

cisco/firepower_9300_firmware

cisco/ucs_6324_fabric_interconnect_firmware 4.1 - 4.1\(3l\)

cisco/ucs_6332-16up_fabric_interconnect_firmware 4.1 - 4.1\(3l\)

cisco/ucs_6332_fabric_interconnect_firmware 4.1 - 4.1\(3l\)

Published Aug 23, 2023

Tracked Since Feb 18, 2026