Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

business_142acm

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

2
Related CVEsRelated VendorsRelated AssignersReports
2Vulnerabilities found
CVE-2024-20271
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.46% / 62.97%
||
7 Day CHG~0.00%
Published-27 Mar, 2024 | 17:05
Updated-06 Aug, 2025 | 13:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of certain IPv4 packets. An attacker could exploit this vulnerability by sending a crafted IPv4 packet either to or through an affected device. A successful exploit could allow the attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To successfully exploit this vulnerability, the attacker does not need to be associated with the affected AP. This vulnerability cannot be exploited by sending IPv6 packets.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-business_140ac_access_pointbusiness_240acbusiness_145ac_access_pointbusiness_141acmbusiness_140acbusiness_151axmbusiness_142acmbusiness_143acmbusiness_access_pointsios_xebusiness_150axbusiness_150ax_access_pointbusiness_145acwireless_lan_controller_softwareCisco Business Wireless Access Point SoftwareCisco Aironet Access Point SoftwareCisco Aironet Access Point Software (IOS XE Controller)aironet_access_point_software
CWE ID-CWE-20
Improper Input Validation
CVE-2023-20003
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.02% / 2.14%
||
7 Day CHG~0.00%
Published-18 May, 2023 | 00:00
Updated-25 Oct, 2024 | 15:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Business Wireless Access Points Social Login Guest User Authentication Bypass Vulnerability

A vulnerability in the social login configuration option for the guest users of Cisco Business Wireless Access Points (APs) could allow an unauthenticated, adjacent attacker to bypass social login authentication. This vulnerability is due to a logic error with the social login implementation. An attacker could exploit this vulnerability by attempting to authenticate to an affected device. A successful exploit could allow the attacker to access the Guest Portal without authentication.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-business_151axm_firmwarebusiness_240ac_access_pointbusiness_145ac_access_pointbusiness_142acm_firmwarebusiness_150ax_access_point_firmwarebusiness_141acm_firmwarebusiness_145ac_access_point_firmwarebusiness_240ac_access_point_firmwarebusiness_142acmbusiness_141acmbusiness_143acmbusiness_140ac_access_pointbusiness_150ax_access_pointbusiness_151axmbusiness_140ac_access_point_firmwarebusiness_143acm_firmwareCisco Business Wireless Access Point Software
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CWE ID-CWE-306
Missing Authentication for Critical Function