CVE-2023-20213

Name of the Vulnerable Software and Affected Versions Cisco ISE (affected versions not specified)

Description A vulnerability in the CDP processing feature could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of the CDP process on an affected device. This is due to insufficient bounds checking when an affected device processes CDP traffic. An attacker could exploit this by sending crafted CDP traffic to the device, causing the CDP process to crash and impacting neighbor discovery and the ability to determine the reachability of remote devices.

Recommendations To resolve the issue, manually restart the CDP process using the cdp enable command in interface configuration mode after a crash. As a temporary workaround, consider restricting access to the CDP processing feature to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.