CVSS 3.1 Score 8.6 of 10 (high)


Published Sep 27, 2023
Updated: Jan 25, 2024
CWE ID 456


CVE-2023-20226 is a vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software. It allows an unauthenticated remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability occurs due to the mishandling of a crafted packet stream through the AppQoE or UTD application. To exploit this vulnerability, the attacker sends a crafted packet stream through the device. The successful exploit can cause the device to reload, leading to a DoS situation. The vulnerability has a high severity rating and an exploitability score of 3.9 out of 10. It affects multiple Cisco products and can pose a significant danger to organizations relying on these devices for network security and application quality management.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-20226 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options