CVE-2023-33086

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Mar 4, 2024

Updated: Apr 12, 2024

CWE ID 401

Summary

CVE-2023-33086 refers to a transient Denial of Service (DoS) vulnerability affecting IKEV2 protocol processing on devices. When an IPSEC server receives multiple Informational Requests from different identifiers, it may experience a DoS condition due to the way it processes these requests. This issue could potentially allow an attacker to overwhelm the targeted device with excessive traffic, leading to service disruptions. Device vendors are encouraged to apply the relevant patches to mitigate this vulnerability and secure their customers' networks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uv-Ue6
https://www.cve.org/CVERecord?id=CVE-2023-33086
https://nvd.nist.gov/vuln/detail/CVE-2023-33086

Back to Vulnerability Database

CVE-2023-33086

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations