CVE-2023-20051

A vulnerability in the Vector Packet Processor (VPP) of Cisco Packet Data Network Gateway (PGW) could allow an unauthenticated, remote attacker to stop ICMP traffic from being processed over an IPsec connection. This vulnerability is due to the VPP improperly handling a malformed packet. An attacker could exploit this vulnerability by sending a malformed Encapsulating Security Payload (ESP) packet over an IPsec connection. A successful exploit could allow the attacker to stop ICMP traffic over an IPsec connection and cause a denial of service (DoS).

Severity	MEDIUM
CVSS	5.8
CWE	CWE-400
KEV
Published	3 years ago
Modified	1 year ago

Related Products

Product	Advisory
Cisco SR 500 Secure Routers	cisco-sa-cisco-pdng-dos-KmzwEy2Q
Cisco RV Series Routers	cisco-sa-cisco-pdng-dos-KmzwEy2Q
Cisco Nexus Dashboard	cisco-sa-cisco-pdng-dos-KmzwEy2Q
Cisco ASR 5000 Series Software	cisco-sa-cisco-pdng-dos-KmzwEy2Q