How severe is CVE-2023-20187?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2023-20187?

This is classified as CWE-823, which is a common weakness in software security.

CVE-2023-20187 - HIGH Severity | CVSS 7.5

Vulnerability Description

A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect handling of certain IPv6 multicast packets when they are fanned out more than seven times on an affected device. An attacker could exploit this vulnerability by sending a specific IPv6 multicast or IPv6 multicast VPN (MVPNv6) packet through the affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition.

Related Vulnerabilities

CVE-2016-2161

HIGH

CVSS:7.5(High)

In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.

CWE-8232016

CVE-2020-13573

HIGH

CVSS:7.5(High)

A denial-of-service vulnerability exists in the Ethernet/IP server functionality of Rockwell Automation RSLinx Classic 2.57.00.14 CPR 9 SR 3. A specially crafted network request can lead to a denial o...

CWE-8232020

CVE-2022-46377

HIGH

CVSS:7.5(High)

An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of Weston Embedded uC-FTPs v 1.98.00. A specially-crafted set of network packets can lead to denial of...

CWE-8232022

CVE-2022-46378

HIGH

CVSS:7.5(High)

CWE-8232022

CVE-2024-42386

HIGH

CVSS:7.5(High)

Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application.

CWE-8232024

CVE-2024-6603

HIGH

CVSS:7.4(High)

In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 11...

CWE-8232024