Vulnerability Bulletins

Cisco Identity Services Engine RADIUS Denial of Service Vulnerability

System information

Affected software Cisco


A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the affected system to stop processing RADIUS packets. This vulnerability is due to improper handling of certain RADIUS accounting requests. An attacker could exploit this vulnerability by sending a crafted authentication request to a network access device (NAD) that uses Cisco ISE for authentication, authorization, and accounting (AAA). This

More info:

Standar resources

Property Value
CVE CVE-2023-20243.

Version history

Version Comments Date
1.0 Advisory issued 2023-09-07
Ministerio de Defensa