cvedb.io
CVE-2023-20003
MEDIUM · CVSS 4.7
EPSS exploitation probability: 0%
Published 2023-05-18T03:15:09.477 · Last modified 2026-06-17T05:29:14.320

Summary

A vulnerability in the social login configuration option for the guest users of Cisco Business Wireless Access Points (APs) could allow an unauthenticated, adjacent attacker to bypass social login authentication. This vulnerability is due to a logic error with the social login implementation. An attacker could exploit this vulnerability by attempting to authenticate to an affected device. A successful exploit could allow the attacker to access the Guest Portal without authentication.

Affected products

cisco — business_140ac_access_point_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when cisco ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.