PT-2022-6956 · Cisco · Cisco IOS XR

Logan Sanderson · Published 2022-10-27 · Updated 2024-01-25 · CVE-2023-20233

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Cisco IOS XR Software (affected versions not specified)

Description

The issue is related to the Connectivity Fault Management (CFM) feature of Cisco IOS XR Software. It is caused by incorrect processing of invalid continuity check messages (CCMs), which could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. An attacker could exploit this by sending crafted CCMs to an affected device, potentially causing the CFM service to crash when a user displays information about maintenance end points (MEPs) for peer MEPs.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

BDU:2023-05816
CVE-2023-20233

Affected Products

Cisco IOS XR