What is CVE-2023-20168?

A high-severity vulnerability in Cisco NX-OS Software could allow an unauthenticated attacker to cause a denial of service. Immediate patching is essential to mitigate risks associated with this vulnerability.

What is the severity of CVE-2023-20168?

CVE-2023-20168 has a severity rating of HIGH with a CVSS base score of 7.1.

CVE-2023-20168 | High Vulnerability in Cisco NX-OS

A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local attacker to cause an affected device to unexpectedly reload. This vulnerability is due to incorrect input validation when processing an authentication attempt if the directed request option is enabled for TACACS+ or RADIUS. An attacker could exploit this vulnerability by entering a crafted string at the login prompt of an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a denial of service (DoS) condition.

This vulnerability has a CVSS score of 7.1, classifying it as high severity. The potential for exploitation is significant, and organizations utilizing affected Cisco NX-OS Software must act swiftly to mitigate this risk. Notably, the attack vector is local with low complexity and no privileges required, making it easier for unauthorized users to exploit.

Organizations should prioritize patching immediately as the risk to organizations includes potential service disruptions and loss of device availability.

Currently, there are no known exploits available for this vulnerability, but the nature of the issue could allow for rapid development of exploit code. It is crucial for defenders to be vigilant.

Vulnerability Details

The vulnerability described as CVE-2023-20168 affects the TACACS+ and RADIUS functionalities in Cisco NX-OS Software. This vulnerability allows an attacker to cause the affected device to reload unexpectedly, leading to a denial of service. The CVSS score of 7.1 indicates a high level of severity. The affected Cisco NX-OS versions include 9.3(11) and 10.2(5). The vulnerability has been published on August 23, 2023.

Technical Analysis

The root cause of this vulnerability lies in incorrect input validation during the TACACS+ or RADIUS authentication process. The attack vector is local, meaning an attacker must have physical or network access to the device. The attack complexity is low, as no special conditions are required for exploitation, and no user interaction is needed. The availability impact is high, as a successful exploitation could lead to service interruptions.

Risk & Impact Analysis

The risk to organizations includes potential service disruptions, which can affect business operations. Given the nature of the vulnerability, the blast radius can be significant, as it affects any device running vulnerable NX-OS versions. Organizations should address this vulnerability in their priority patch cycle to prevent potential exploitation.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The affected versions of Cisco NX-OS Software include 9.3(11) and 10.2(5). All versions prior to vendor patch are vulnerable to this issue.

Mitigation & Remediation

Organizations should prioritize patching immediately. Cisco has released updates to mitigate this vulnerability. For detailed guidance, refer to Cisco's security advisory on the issue. Implementing strong input validation measures and monitoring for unusual authentication attempts can also help mitigate risks. Regular security assessments, including penetration testing and vulnerability management programs are recommended.

Detection Guidance

To detect potential exploitation of this vulnerability, organizations should monitor logs for unusual authentication attempts, particularly those that include crafted strings. Behavioral anomalies that deviate from normal usage patterns should be flagged for further investigation.

AppSecure Threat Intelligence Insight

The long-term significance of this vulnerability underscores the importance of robust input validation in authentication mechanisms. Organizations need to ensure that similar vulnerabilities are not present in other components of their infrastructure. The trend of exploiting authentication flaws is increasing, and security teams must remain proactive. For further reading on vulnerability management best practices, refer to our article on vulnerability management programs. Additionally, understanding the implications of authentication vulnerabilities can aid in developing better security strategies, as discussed in our penetration testing methodology guide.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2023-20168: High Vulnerability in Cisco NX-OS