CVE-2023-20116
MEDIUM
Published 2023-06-28T00:00:00
Actions:
CVSS Score
V3.1
6.8
/10
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
Base Score Metrics
Exploitability: N/A
Impact: N/A
EPSS Score
v2023.03.01
0.001
probability
of exploitation in the wild
There is a 0.1% chance that this vulnerability will be exploited in the wild within the next 30 days.
Updated: 2025-01-25
Exploit Probability
Percentile: 0.359
Higher than 35.9% of all CVEs
Attack Vector Metrics
Impact Metrics
Description
A vulnerability in the Administrative XML Web Service (AXL) API of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to insufficient validation of user-supplied input to the web UI of the Self Care Portal. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.
Available Exploits
No exploits available for this CVE.
Related News
No news articles found for this CVE.
Affected Products
Affected Versions:
10.5(2)SU10
10.5(1)
10.5(1)SU1
10.5(1)SU1a
10.5(2)
10.5(2)SU1
10.5(2)SU2
10.5(2)SU3
10.5(2)SU4
10.5(2)SU5
10.5(2)SU6
10.5(2)SU7
10.5(2)SU8
10.5(2)SU9
10.5(2)SU2a
10.5(2)SU3a
10.5(2)SU4a
10.5(2)SU6a
11.0(1)
11.0(1a)
11.0(1a)SU1
11.0(1a)SU2
11.0(1a)SU3
11.0(1a)SU3a
11.0(1a)SU4
11.0.1
11.0.2
11.0.5
11.5(1)
11.5(1)SU1
11.5(1)SU2
11.5(1)SU3
11.5(1)SU3a
11.5(1)SU3b
11.5(1)SU4
11.5(1)SU5
11.5(1)SU6
11.5(1)SU7
11.5(1)SU8
11.5(1)SU9
11.5(1)SU10
11.5(1)SU11
10.0(1)SU2
10.0(1)
10.0(1)SU1
Published: 2023-06-28T00:00:00
Last Modified: 2024-08-02T08:57:35.868Z
Copied to clipboard!