What is CVE-2023-20003?

CVE-2023-20003 is a medium-severity vulnerability in Cisco Business Wireless Access Point Software, classified under Authentication Bypass Using an Alternate Path or Channel. CVSS score: 4.7/10. Published 2023-05-18.

How severe is CVE-2023-20003?

Medium severity. CVSS v3 base score is 4.7 out of 10.

Vulnerability in Cisco Business Wireless Access Point Software

CVE-2023-20003

A vulnerability in the social login configuration option for the guest users of Cisco Business Wireless Access Points (APs) could allow an unauthenticated, adjacent attacker to bypass social login authentication. This vulnerability is due…

EPSS: 0.001 (28.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.7 (Medium). Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N.

Affected products

Cisco Business Wireless Access Point Software — versions n/a

Weakness classification (CWE)

CWE-288 — Authentication Bypass Using an Alternate Path or Channel

References

20230517 Cisco Business Wireless Access Points Social Login Guest User Authentication Bypass Vulnerability (vendor-advisory)

Frequently asked questions

What is CVE-2023-20003?: CVE-2023-20003 is a medium-severity vulnerability in Cisco Business Wireless Access Point Software, classified under Authentication Bypass Using an Alternate Path or Channel. CVSS score: 4.7/10. Published 2023-05-18.
How severe is CVE-2023-20003?: Medium severity. CVSS v3 base score is 4.7 out of 10.