Search criteria
12 vulnerabilities found for business_access_points by cisco
FKIE_CVE-2024-20271
Vulnerability from fkie_nvd - Published: 2024-03-27 17:15 - Updated: 2025-08-06 13:45
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to insufficient input validation of certain IPv4 packets. An attacker could exploit this vulnerability by sending a crafted IPv4 packet either to or through an affected device. A successful exploit could allow the attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To successfully exploit this vulnerability, the attacker does not need to be associated with the affected AP. This vulnerability cannot be exploited by sending IPv6 packets.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9569A47F-9B78-4087-8ADB-3FD1A20F4B92",
"versionEndExcluding": "17.3.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4795FF5-9A0B-4D01-A4FA-895AE4F15F55",
"versionEndExcluding": "17.6.6",
"versionStartIncluding": "17.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24ECD9F5-7C7A-48B7-9BE1-7CE458B7D6A1",
"versionEndExcluding": "17.9.5",
"versionStartIncluding": "17.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD6F93FF-B86A-45F8-9671-6A7037F85276",
"versionEndExcluding": "17.12.2",
"versionStartIncluding": "17.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:business_access_points:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66046F3F-D6DC-4DB0-B195-013E7DB3DD30",
"versionEndExcluding": "10.9.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:business_140ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6331ADD0-9438-4095-84D4-4434C4782C60",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_140ac_access_point:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5781CAA5-2DB2-4724-A08E-D74A7DBBDB75",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_141acm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A730910D-5C14-477A-BB73-B28B87CCC48D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_142acm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2DC1D86-30FB-46D3-93B3-452E3A4871E1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_143acm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9EFC167-CC69-4777-9039-2DCF61C8101A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_145ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19202724-5BEB-487C-98EA-F3B6924C52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_145ac_access_point:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1FC172-7E73-475E-8E16-3FDC12FB5FC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_240ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07135C18-DDB4-41F3-971F-A4FC38C99E26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:business_access_points:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24A08E76-11E3-4ADC-8B87-1DCF419A295A",
"versionEndExcluding": "10.6.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:business_150ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB2B555E-1523-4C62-A91D-EE1F3F1200EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_150ax_access_point:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CAE3E5E5-BC8D-42A5-89C5-6FEC0E581E7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_151axm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8760865B-4AB3-4A1A-960D-FF6974A7AC06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A084C31F-54F0-444E-A2F0-817F1C8B3BFE",
"versionEndExcluding": "8.10.190.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to insufficient input validation of certain IPv4 packets. An attacker could exploit this vulnerability by sending a crafted IPv4 packet either to or through an affected device. A successful exploit could allow the attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To successfully exploit this vulnerability, the attacker does not need to be associated with the affected AP. This vulnerability cannot be exploited by sending IPv6 packets."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el procesamiento de paquetes IP del software Cisco Access Point (AP) podr\u00eda permitir que un atacante remoto no autenticado cause una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente de ciertos paquetes IPv4. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un paquete IPv4 manipulado hacia o a trav\u00e9s de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante hacer que un dispositivo afectado se recargue inesperadamente, lo que resultar\u00eda en una condici\u00f3n DoS. Para explotar con \u00e9xito esta vulnerabilidad, no es necesario que el atacante est\u00e9 asociado con el AP afectado. Esta vulnerabilidad no se puede aprovechar enviando paquetes IPv6."
}
],
"id": "CVE-2024-20271",
"lastModified": "2025-08-06T13:45:24.563",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-27T17:15:51.320",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-h9TGGX6W"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-h9TGGX6W"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-3560
Vulnerability from fkie_nvd - Published: 2020-09-24 18:15 - Updated: 2024-11-21 05:31
Severity ?
Summary
A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FAC3262-0899-4F22-8EE7-27F35FB7276D",
"versionEndExcluding": "8.10.112.0",
"versionStartIncluding": "8.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E903427-F63E-4E51-AC2D-96A707261DEE",
"versionEndExcluding": "8.5.161.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E7FBB2-4D72-47E2-84A2-AF8FE3CCE876",
"versionEndExcluding": "8.8.130.0",
"versionStartIncluding": "8.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1111-4pwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7262ADAB-296F-4DC2-9CD7-A86D7F6441C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111-8plteeawb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "929A06B1-38F1-42F4-B179-D42B04506AFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111-8pwb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3056B31-1977-4472-BC74-19A5B8B5EC44",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1113-8plteeawe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9261A638-E2E4-4EF0-84E9-A585BF763263",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1113-8pmwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C85463D-0B37-4746-B7EA-80F3096305E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1113-8pwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58C04E5B-AC03-440F-9007-0D6761B41F68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1116-4plteeawe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29A5E963-2987-4927-862A-6375624FC876",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1116-4pwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3601499F-AD3B-47EA-816A-A01379CA1A33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1117-4plteeawe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303129EF-9107-4B39-8683-1BD917B3E68D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1117-4pmlteeawe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76B2B271-555B-4439-95D8-086E516F1169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1117-4pmwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB321CD-9096-4F75-AD2F-4EAE1CA75D76",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1117-4pwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98F31C77-0303-4FD9-B968-6B430202C6AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DB7510-2741-464A-8FC9-8419985E330F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE916B2-CAAD-4508-A47E-A7D4D88B077A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D717945-EE41-4D0F-86EF-90826EBE9C3E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99EAEA92-6589-4DFB-BC4B-8CBA425452D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D27AB201-342D-4517-9E05-6088598F4695",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8BF9DDB-884D-47B5-A295-8BFA5207C412",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1830e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4590D445-B4B6-48E6-BF55-BEA6BA763410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1830i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "848CC5CD-1982-4F31-A626-BD567E1C19F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24E47788-9B54-42C5-AD83-428B22674575",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A333CD0B-4729-4E64-8B52-A3F5138F5B70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "098A82FF-95F7-416A-BADD-C57CE81ACD32",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1D5813-9223-4B3F-9DE2-F3EF854FC927",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10D7583E-2B61-40F1-B9A6-701DA08F8CDF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "945DDBE7-6233-416B-9BEE-7029F047E298",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED89428-750C-4C26-B2A1-E3D63F8B3F44",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_140ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6331ADD0-9438-4095-84D4-4434C4782C60",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_145ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19202724-5BEB-487C-98EA-F3B6924C52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_240ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07135C18-DDB4-41F3-971F-A4FC38C99E26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3CCCFE-88CC-4F7B-8958-79CA62516EA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4081C532-3B10-4FBF-BB22-5BA17BC6FCF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCE2220-E2E6-4A17-9F0A-2C927FAB4AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A47C2D6F-8F90-4D74-AFE1-EAE954021F46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:esw-6300-con-x-k9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3625BC-9003-4E07-B4EA-EB44CADDD6B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:business_access_points:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78149144-CCF5-4C71-B22D-45261C4ACABC",
"versionEndExcluding": "10.1.1.0",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:access_points:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70B4ABE1-4F2F-478A-AA0E-8F293105FEBE",
"versionEndExcluding": "16.12.4a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.5\\(154.27\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7F7E9751-8192-4418-89BE-58D83E1BC2F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.8\\(125.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8CBF1E5E-E88B-46EA-AF9A-A52B9CF84273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.10\\(105.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2C522D2E-422A-47E9-884B-708E4F4BF203",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.10\\(105.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "50089912-8D92-4A0F-83C6-2C9BB3B7CF61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:17.1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6A94467F-9120-4165-832C-292F343AD65A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:17.1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9301B023-A2C5-4DAD-9A05-FDE751AF3C41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:17.2.0.37:*:*:*:*:*:*:*",
"matchCriteriaId": "E600825D-4984-488E-BF44-89816CAB6869",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24E47788-9B54-42C5-AD83-428B22674575",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A333CD0B-4729-4E64-8B52-A3F5138F5B70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Cisco Aironet Access Points (APs), podr\u00eda permitir a un atacante remoto no autenticado causar una denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a una gesti\u00f3n inapropiada de los recursos al procesar paquetes espec\u00edficos.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una serie de paquetes UDP dise\u00f1ados hacia un puerto espec\u00edfico en un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante romper la conexi\u00f3n entre el AP y el controlador de LAN inal\u00e1mbrico, resultando que el dispositivo afectado no sea capaz de procesar el tr\u00e1fico del cliente, o causar que el dispositivo vulnerable se recargue, desencadenando en una condici\u00f3n DoS.\u0026#xa0;Despu\u00e9s del ataque, el dispositivo afectado deber\u00eda recuperar autom\u00e1ticamente sus funciones normales sin intervenci\u00f3n manual."
}
],
"id": "CVE-2020-3560",
"lastModified": "2024-11-21T05:31:19.017",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "psirt@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-09-24T18:15:22.137",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-VHr2zG9y"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-VHr2zG9y"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-3552
Vulnerability from fkie_nvd - Published: 2020-09-24 18:15 - Updated: 2024-11-21 05:31
Severity ?
Summary
A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | wireless_lan_controller | * | |
| cisco | aironet_1542d | - | |
| cisco | aironet_1542i | - | |
| cisco | aironet_1562d | - | |
| cisco | aironet_1562e | - | |
| cisco | aironet_1562i | - | |
| cisco | aironet_1810 | - | |
| cisco | aironet_1815 | - | |
| cisco | aironet_1830e | - | |
| cisco | aironet_1830i | - | |
| cisco | aironet_1840 | - | |
| cisco | aironet_1850e | - | |
| cisco | aironet_1850i | - | |
| cisco | aironet_2800e | - | |
| cisco | aironet_2800i | - | |
| cisco | aironet_3800e | - | |
| cisco | aironet_3800i | - | |
| cisco | aironet_3800p | - | |
| cisco | aironet_4800 | - | |
| cisco | business_access_points | * | |
| cisco | access_points | * | |
| cisco | catalyst_9800-40 | - | |
| cisco | catalyst_9800-80 | - | |
| cisco | catalyst_9800-cl | - | |
| cisco | catalyst_9800-l | - | |
| cisco | catalyst_9800-l-c | - | |
| cisco | catalyst_9800-l-f | - | |
| cisco | aironet_access_point_software | 8.10\(1.255\) | |
| cisco | aironet_1850e | - | |
| cisco | aironet_1850i | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8EFE8F9-5E37-42DF-8658-574A5D9ECC6D",
"versionEndExcluding": "8.10.105.0",
"versionStartIncluding": "8.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DB7510-2741-464A-8FC9-8419985E330F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE916B2-CAAD-4508-A47E-A7D4D88B077A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D717945-EE41-4D0F-86EF-90826EBE9C3E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99EAEA92-6589-4DFB-BC4B-8CBA425452D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D27AB201-342D-4517-9E05-6088598F4695",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36F923CF-D4EB-48F8-821D-8BB3A69ABB62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8BF9DDB-884D-47B5-A295-8BFA5207C412",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1830e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4590D445-B4B6-48E6-BF55-BEA6BA763410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1830i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "848CC5CD-1982-4F31-A626-BD567E1C19F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1840:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69CA9D6-914D-436F-AA81-B218CC312D29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24E47788-9B54-42C5-AD83-428B22674575",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A333CD0B-4729-4E64-8B52-A3F5138F5B70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "098A82FF-95F7-416A-BADD-C57CE81ACD32",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1D5813-9223-4B3F-9DE2-F3EF854FC927",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10D7583E-2B61-40F1-B9A6-701DA08F8CDF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "945DDBE7-6233-416B-9BEE-7029F047E298",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED89428-750C-4C26-B2A1-E3D63F8B3F44",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:business_access_points:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78149144-CCF5-4C71-B22D-45261C4ACABC",
"versionEndExcluding": "10.1.1.0",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:access_points:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70B4ABE1-4F2F-478A-AA0E-8F293105FEBE",
"versionEndExcluding": "16.12.4a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.10\\(1.255\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D40D1D98-F662-4C7D-AEC8-C106209D7848",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24E47788-9B54-42C5-AD83-428B22674575",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A333CD0B-4729-4E64-8B52-A3F5138F5B70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el manejo de paquetes Ethernet de Cisco Aironet Access Points (APs) Software, podr\u00eda permitir a un atacante adyacente no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de la entrada.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante la conexi\u00f3n como un cliente cableado a la interfaz Ethernet de un dispositivo afectado y mediante el env\u00edo de una serie de paquetes espec\u00edficos en un corto per\u00edodo de tiempo.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar un acceso al puntero NULL que resulte en una recarga del dispositivo afectado."
}
],
"id": "CVE-2020-3552",
"lastModified": "2024-11-21T05:31:18.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "psirt@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-09-24T18:15:21.900",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ethport-dos-xtjTt8pY"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ethport-dos-xtjTt8pY"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-3559
Vulnerability from fkie_nvd - Published: 2020-09-24 18:15 - Updated: 2024-11-21 05:31
Severity ?
Summary
A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | wireless_lan_controller | * | |
| cisco | 1111-4pwe | - | |
| cisco | 1111-8plteeawb | - | |
| cisco | 1111-8pwb | - | |
| cisco | 1113-8plteeawe | - | |
| cisco | 1113-8pmwe | - | |
| cisco | 1113-8pwe | - | |
| cisco | 1116-4plteeawe | - | |
| cisco | 1116-4pwe | - | |
| cisco | 1117-4plteeawe | - | |
| cisco | 1117-4pmlteeawe | - | |
| cisco | 1117-4pmwe | - | |
| cisco | 1117-4pwe | - | |
| cisco | aironet_1815 | - | |
| cisco | aironet_1830e | - | |
| cisco | aironet_1830i | - | |
| cisco | aironet_1850e | - | |
| cisco | aironet_1850i | - | |
| cisco | business_140ac | - | |
| cisco | business_145ac | - | |
| cisco | business_240ac | - | |
| cisco | business_access_points | * | |
| cisco | access_points | * | |
| cisco | catalyst_9800-40 | - | |
| cisco | catalyst_9800-80 | - | |
| cisco | catalyst_9800-cl | - | |
| cisco | catalyst_9800-l | - | |
| cisco | catalyst_9800-l-c | - | |
| cisco | catalyst_9800-l-f | - | |
| cisco | aironet_access_point_software | 8.5\(151.0\) | |
| cisco | aironet_access_point_software | 17.2.0.26 | |
| cisco | aironet_1850e | - | |
| cisco | aironet_1850i | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FAC3262-0899-4F22-8EE7-27F35FB7276D",
"versionEndExcluding": "8.10.112.0",
"versionStartIncluding": "8.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1111-4pwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7262ADAB-296F-4DC2-9CD7-A86D7F6441C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111-8plteeawb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "929A06B1-38F1-42F4-B179-D42B04506AFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111-8pwb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3056B31-1977-4472-BC74-19A5B8B5EC44",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1113-8plteeawe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9261A638-E2E4-4EF0-84E9-A585BF763263",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1113-8pmwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C85463D-0B37-4746-B7EA-80F3096305E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1113-8pwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58C04E5B-AC03-440F-9007-0D6761B41F68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1116-4plteeawe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29A5E963-2987-4927-862A-6375624FC876",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1116-4pwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3601499F-AD3B-47EA-816A-A01379CA1A33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1117-4plteeawe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303129EF-9107-4B39-8683-1BD917B3E68D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1117-4pmlteeawe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76B2B271-555B-4439-95D8-086E516F1169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1117-4pmwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB321CD-9096-4F75-AD2F-4EAE1CA75D76",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1117-4pwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98F31C77-0303-4FD9-B968-6B430202C6AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8BF9DDB-884D-47B5-A295-8BFA5207C412",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1830e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4590D445-B4B6-48E6-BF55-BEA6BA763410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1830i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "848CC5CD-1982-4F31-A626-BD567E1C19F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24E47788-9B54-42C5-AD83-428B22674575",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A333CD0B-4729-4E64-8B52-A3F5138F5B70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_140ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6331ADD0-9438-4095-84D4-4434C4782C60",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_145ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19202724-5BEB-487C-98EA-F3B6924C52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_240ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07135C18-DDB4-41F3-971F-A4FC38C99E26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:business_access_points:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78149144-CCF5-4C71-B22D-45261C4ACABC",
"versionEndExcluding": "10.1.1.0",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:access_points:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70B4ABE1-4F2F-478A-AA0E-8F293105FEBE",
"versionEndExcluding": "16.12.4a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.5\\(151.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FDF08F54-1FD8-4542-9CA0-CCCBB686B62D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:17.2.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "35BF64F8-9B4F-460D-85A1-F1D57E7FD695",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24E47788-9B54-42C5-AD83-428B22674575",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A333CD0B-4729-4E64-8B52-A3F5138F5B70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Cisco Aironet Access Point (AP) Software, podr\u00eda permitir a un atacante remoto no autenticado causar la recarga de un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a un manejo inapropiado de los clientes que est\u00e1n intentando conectarse al AP.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de peticiones de autenticaci\u00f3n de varios clientes hacia un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el dispositivo afectado se recargue."
}
],
"id": "CVE-2020-3559",
"lastModified": "2024-11-21T05:31:18.883",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 4.0,
"source": "psirt@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-09-24T18:15:21.997",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-h3DCuLXw"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-h3DCuLXw"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2024-20271 (GCVE-0-2024-20271)
Vulnerability from cvelistv5 – Published: 2024-03-27 17:05 – Updated: 2024-08-01 21:52
VLAI?
Summary
A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to insufficient input validation of certain IPv4 packets. An attacker could exploit this vulnerability by sending a crafted IPv4 packet either to or through an affected device. A successful exploit could allow the attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To successfully exploit this vulnerability, the attacker does not need to be associated with the affected AP. This vulnerability cannot be exploited by sending IPv6 packets.
Severity ?
8.6 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Aironet Access Point Software |
Affected:
8.2.100.0
Affected: 8.2.130.0 Affected: 8.2.111.0 Affected: 8.2.110.0 Affected: 8.2.121.0 Affected: 8.2.141.0 Affected: 8.2.151.0 Affected: 8.2.160.0 Affected: 8.2.161.0 Affected: 8.2.164.0 Affected: 8.2.166.0 Affected: 8.2.170.0 Affected: 8.2.163.0 Affected: 8.3.102.0 Affected: 8.3.111.0 Affected: 8.3.112.0 Affected: 8.3.121.0 Affected: 8.3.122.0 Affected: 8.3.130.0 Affected: 8.3.131.0 Affected: 8.3.132.0 Affected: 8.3.133.0 Affected: 8.3.140.0 Affected: 8.3.141.0 Affected: 8.3.143.0 Affected: 8.3.150.0 Affected: 8.3.108.0 Affected: 8.3.90.53 Affected: 8.3.104.46 Affected: 8.3.200.200 Affected: 8.3.104.64 Affected: 8.3.15.165 Affected: 8.3.90.11 Affected: 8.3.135.0 Affected: 8.3.104.14 Affected: 8.3.90.36 Affected: 8.3.15.142 Affected: 8.3.104.37 Affected: 8.3.15.117 Affected: 8.3.15.120 Affected: 8.3.15.25 Affected: 8.3.15.158 Affected: 8.3.15.118 Affected: 8.3.90.25 Affected: 8.3.15.169 Affected: 8.3.90.58 Affected: 8.4.100.0 Affected: 8.4.1.199 Affected: 8.4.1.91 Affected: 8.4.1.142 Affected: 8.4.1.175 Affected: 8.4.1.218 Affected: 8.4.1.92 Affected: 8.5.103.0 Affected: 8.5.105.0 Affected: 8.5.110.0 Affected: 8.5.120.0 Affected: 8.5.131.0 Affected: 8.5.140.0 Affected: 8.5.135.0 Affected: 8.5.151.0 Affected: 8.5.101.0 Affected: 8.5.102.0 Affected: 8.5.161.0 Affected: 8.5.160.0 Affected: 8.5.100.0 Affected: 8.5.171.0 Affected: 8.5.164.0 Affected: 8.5.182.0 Affected: 8.5.182.11 ME Affected: 8.7.102.0 Affected: 8.7.106.0 Affected: 8.7.1.16 Affected: 8.8.100.0 Affected: 8.8.111.0 Affected: 8.8.120.0 Affected: 8.8.125.0 Affected: 8.8.130.0 Affected: 8.6.101.0 Affected: 8.6.1.84 Affected: 8.6.1.70 Affected: 8.6.1.71 Affected: 8.9.100.0 Affected: 8.9.111.0 Affected: 8.10.105.0 Affected: 8.10.111.0 Affected: 8.10.130.0 Affected: 8.10.112.0 Affected: 8.10.122.0 Affected: 8.10.113.0 Affected: 8.10.121.0 Affected: 8.10.141.0 Affected: 8.10.142.0 Affected: 8.10.151.0 Affected: 8.10.150.0 Affected: 8.10.171.0 Affected: 8.10.181.0 Affected: 8.10.182.0 Affected: 8.10.161.0 Affected: 8.10.170.0 Affected: 8.10.183.0 Affected: 8.10.162.0 Affected: 8.10.185.0 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.111.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.112.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.113.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.121.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.122.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.130.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.141.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.142.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.150.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.151.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.161.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.162.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.170.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.171.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.181.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.182.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.183.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.185.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2\\(100.0\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.110.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.111.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.121.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:aironet_access_point_software:8.2\\(130.0\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.141.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.151.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.160.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.161.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.163.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.164.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.166.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.170.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.102.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.104.14:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.104.37:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.104.46:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.104.64:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.108.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.111.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.112.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.121.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.122.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.130.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.131.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.132.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.133.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.135.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.140.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.141.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.143.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.150.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.15.117:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.15.118:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.15.120:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.15.142:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.15.158:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.15.165:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.15.169:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.15.25:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.200.200:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.90.11:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.90.25:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.90.36:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.90.53:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.90.58:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.4.100.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.4.1.142:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.4.1.175:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.4.1.199:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.4.1.218:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.4.1.91:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.4.1.92:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.100.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.101.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.102.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.103.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.105.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.110.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.120.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.131.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.135.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.140.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.151.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.160.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.161.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.164.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.171.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.182.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.6.101.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.6.1.70:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.6.1.71:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.6.1.84:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.7.102.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.7.106.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.7.1.16:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.8.100.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.8.111.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.8.120.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.8.125.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.8.130.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.9.100.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.9.111.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "aironet_access_point_software",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "8.10.111.0"
},
{
"status": "affected",
"version": "8.10.112.0"
},
{
"status": "affected",
"version": "8.10.113.0"
},
{
"status": "affected",
"version": "8.10.121.0"
},
{
"status": "affected",
"version": "8.10.122.0"
},
{
"status": "affected",
"version": "8.10.130.0"
},
{
"status": "affected",
"version": "8.10.141.0"
},
{
"status": "affected",
"version": "8.10.142.0"
},
{
"status": "affected",
"version": "8.10.150.0"
},
{
"status": "affected",
"version": "8.10.151.0"
},
{
"status": "affected",
"version": "8.10.161.0"
},
{
"status": "affected",
"version": "8.10.162.0"
},
{
"status": "affected",
"version": "8.10.170.0"
},
{
"status": "affected",
"version": "8.10.171.0"
},
{
"status": "affected",
"version": "8.10.181.0"
},
{
"status": "affected",
"version": "8.10.182.0"
},
{
"status": "affected",
"version": "8.10.183.0"
},
{
"status": "affected",
"version": "8.10.185.0"
},
{
"status": "affected",
"version": "8.2\\(100.0\\)"
},
{
"status": "affected",
"version": "8.2.110.0"
},
{
"status": "affected",
"version": "8.2.111.0"
},
{
"status": "affected",
"version": "8.2.121.0"
},
{
"status": "affected",
"version": "8.2\\(130.0\\)"
},
{
"status": "affected",
"version": "8.2.141.0"
},
{
"status": "affected",
"version": "8.2.151.0"
},
{
"status": "affected",
"version": "8.2.160.0"
},
{
"status": "affected",
"version": "8.2.161.0"
},
{
"status": "affected",
"version": "8.2.163.0"
},
{
"status": "affected",
"version": "8.2.164.0"
},
{
"status": "affected",
"version": "8.2.166.0"
},
{
"status": "affected",
"version": "8.2.170.0"
},
{
"status": "affected",
"version": "8.3.102.0"
},
{
"status": "affected",
"version": "8.3.104.14"
},
{
"status": "affected",
"version": "8.3.104.37"
},
{
"status": "affected",
"version": "8.3.104.46"
},
{
"status": "affected",
"version": "8.3.104.64"
},
{
"status": "affected",
"version": "8.3.108.0"
},
{
"status": "affected",
"version": "8.3.111.0"
},
{
"status": "affected",
"version": "8.3.112.0"
},
{
"status": "affected",
"version": "8.3.121.0"
},
{
"status": "affected",
"version": "8.3.122.0"
},
{
"status": "affected",
"version": "8.3.130.0"
},
{
"status": "affected",
"version": "8.3.131.0"
},
{
"status": "affected",
"version": "8.3.132.0"
},
{
"status": "affected",
"version": "8.3.133.0"
},
{
"status": "affected",
"version": "8.3.135.0"
},
{
"status": "affected",
"version": "8.3.140.0"
},
{
"status": "affected",
"version": "8.3.141.0"
},
{
"status": "affected",
"version": "8.3.143.0"
},
{
"status": "affected",
"version": "8.3.150.0"
},
{
"status": "affected",
"version": "8.3.15.117"
},
{
"status": "affected",
"version": "8.3.15.118"
},
{
"status": "affected",
"version": "8.3.15.120"
},
{
"status": "affected",
"version": "8.3.15.142"
},
{
"status": "affected",
"version": "8.3.15.158"
},
{
"status": "affected",
"version": "8.3.15.165"
},
{
"status": "affected",
"version": "8.3.15.169"
},
{
"status": "affected",
"version": "8.3.15.25"
},
{
"status": "affected",
"version": "8.3.200.200"
},
{
"status": "affected",
"version": "8.3.90.11"
},
{
"status": "affected",
"version": "8.3.90.25"
},
{
"status": "affected",
"version": "8.3.90.36"
},
{
"status": "affected",
"version": "8.3.90.53"
},
{
"status": "affected",
"version": "8.3.90.58"
},
{
"status": "affected",
"version": "8.4.100.0"
},
{
"status": "affected",
"version": "8.4.1.142"
},
{
"status": "affected",
"version": "8.4.1.175"
},
{
"status": "affected",
"version": "8.4.1.199"
},
{
"status": "affected",
"version": "8.4.1.218"
},
{
"status": "affected",
"version": "8.4.1.91"
},
{
"status": "affected",
"version": "8.4.1.92"
},
{
"status": "affected",
"version": "8.5.100.0"
},
{
"status": "affected",
"version": "8.5.101.0"
},
{
"status": "affected",
"version": "8.5.102.0"
},
{
"status": "affected",
"version": "8.5.103.0"
},
{
"status": "affected",
"version": "8.5.105.0"
},
{
"status": "affected",
"version": "8.5.110.0"
},
{
"status": "affected",
"version": "8.5.120.0"
},
{
"status": "affected",
"version": "8.5.131.0"
},
{
"status": "affected",
"version": "8.5.135.0"
},
{
"status": "affected",
"version": "8.5.140.0"
},
{
"status": "affected",
"version": "8.5.151.0"
},
{
"status": "affected",
"version": "8.5.160.0"
},
{
"status": "affected",
"version": "8.5.161.0"
},
{
"status": "affected",
"version": "8.5.164.0"
},
{
"status": "affected",
"version": "8.5.171.0"
},
{
"status": "affected",
"version": "8.5.182.0"
},
{
"status": "affected",
"version": "8.6.101.0"
},
{
"status": "affected",
"version": "8.6.1.70"
},
{
"status": "affected",
"version": "8.6.1.71"
},
{
"status": "affected",
"version": "8.6.1.84"
},
{
"status": "affected",
"version": "8.7.102.0"
},
{
"status": "affected",
"version": "8.7.106.0"
},
{
"status": "affected",
"version": "8.7.1.16"
},
{
"status": "affected",
"version": "8.8.100.0"
},
{
"status": "affected",
"version": "8.8.111.0"
},
{
"status": "affected",
"version": "8.8.120.0"
},
{
"status": "affected",
"version": "8.8.125.0"
},
{
"status": "affected",
"version": "8.8.130.0"
},
{
"status": "affected",
"version": "8.9.100.0"
},
{
"status": "affected",
"version": "8.9.111.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20271",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-28T16:39:13.630340Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T13:07:00.717Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:52:38.878Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-ap-dos-h9TGGX6W",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-h9TGGX6W"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet Access Point Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "8.2.100.0"
},
{
"status": "affected",
"version": "8.2.130.0"
},
{
"status": "affected",
"version": "8.2.111.0"
},
{
"status": "affected",
"version": "8.2.110.0"
},
{
"status": "affected",
"version": "8.2.121.0"
},
{
"status": "affected",
"version": "8.2.141.0"
},
{
"status": "affected",
"version": "8.2.151.0"
},
{
"status": "affected",
"version": "8.2.160.0"
},
{
"status": "affected",
"version": "8.2.161.0"
},
{
"status": "affected",
"version": "8.2.164.0"
},
{
"status": "affected",
"version": "8.2.166.0"
},
{
"status": "affected",
"version": "8.2.170.0"
},
{
"status": "affected",
"version": "8.2.163.0"
},
{
"status": "affected",
"version": "8.3.102.0"
},
{
"status": "affected",
"version": "8.3.111.0"
},
{
"status": "affected",
"version": "8.3.112.0"
},
{
"status": "affected",
"version": "8.3.121.0"
},
{
"status": "affected",
"version": "8.3.122.0"
},
{
"status": "affected",
"version": "8.3.130.0"
},
{
"status": "affected",
"version": "8.3.131.0"
},
{
"status": "affected",
"version": "8.3.132.0"
},
{
"status": "affected",
"version": "8.3.133.0"
},
{
"status": "affected",
"version": "8.3.140.0"
},
{
"status": "affected",
"version": "8.3.141.0"
},
{
"status": "affected",
"version": "8.3.143.0"
},
{
"status": "affected",
"version": "8.3.150.0"
},
{
"status": "affected",
"version": "8.3.108.0"
},
{
"status": "affected",
"version": "8.3.90.53"
},
{
"status": "affected",
"version": "8.3.104.46"
},
{
"status": "affected",
"version": "8.3.200.200"
},
{
"status": "affected",
"version": "8.3.104.64"
},
{
"status": "affected",
"version": "8.3.15.165"
},
{
"status": "affected",
"version": "8.3.90.11"
},
{
"status": "affected",
"version": "8.3.135.0"
},
{
"status": "affected",
"version": "8.3.104.14"
},
{
"status": "affected",
"version": "8.3.90.36"
},
{
"status": "affected",
"version": "8.3.15.142"
},
{
"status": "affected",
"version": "8.3.104.37"
},
{
"status": "affected",
"version": "8.3.15.117"
},
{
"status": "affected",
"version": "8.3.15.120"
},
{
"status": "affected",
"version": "8.3.15.25"
},
{
"status": "affected",
"version": "8.3.15.158"
},
{
"status": "affected",
"version": "8.3.15.118"
},
{
"status": "affected",
"version": "8.3.90.25"
},
{
"status": "affected",
"version": "8.3.15.169"
},
{
"status": "affected",
"version": "8.3.90.58"
},
{
"status": "affected",
"version": "8.4.100.0"
},
{
"status": "affected",
"version": "8.4.1.199"
},
{
"status": "affected",
"version": "8.4.1.91"
},
{
"status": "affected",
"version": "8.4.1.142"
},
{
"status": "affected",
"version": "8.4.1.175"
},
{
"status": "affected",
"version": "8.4.1.218"
},
{
"status": "affected",
"version": "8.4.1.92"
},
{
"status": "affected",
"version": "8.5.103.0"
},
{
"status": "affected",
"version": "8.5.105.0"
},
{
"status": "affected",
"version": "8.5.110.0"
},
{
"status": "affected",
"version": "8.5.120.0"
},
{
"status": "affected",
"version": "8.5.131.0"
},
{
"status": "affected",
"version": "8.5.140.0"
},
{
"status": "affected",
"version": "8.5.135.0"
},
{
"status": "affected",
"version": "8.5.151.0"
},
{
"status": "affected",
"version": "8.5.101.0"
},
{
"status": "affected",
"version": "8.5.102.0"
},
{
"status": "affected",
"version": "8.5.161.0"
},
{
"status": "affected",
"version": "8.5.160.0"
},
{
"status": "affected",
"version": "8.5.100.0"
},
{
"status": "affected",
"version": "8.5.171.0"
},
{
"status": "affected",
"version": "8.5.164.0"
},
{
"status": "affected",
"version": "8.5.182.0"
},
{
"status": "affected",
"version": "8.5.182.11 ME"
},
{
"status": "affected",
"version": "8.7.102.0"
},
{
"status": "affected",
"version": "8.7.106.0"
},
{
"status": "affected",
"version": "8.7.1.16"
},
{
"status": "affected",
"version": "8.8.100.0"
},
{
"status": "affected",
"version": "8.8.111.0"
},
{
"status": "affected",
"version": "8.8.120.0"
},
{
"status": "affected",
"version": "8.8.125.0"
},
{
"status": "affected",
"version": "8.8.130.0"
},
{
"status": "affected",
"version": "8.6.101.0"
},
{
"status": "affected",
"version": "8.6.1.84"
},
{
"status": "affected",
"version": "8.6.1.70"
},
{
"status": "affected",
"version": "8.6.1.71"
},
{
"status": "affected",
"version": "8.9.100.0"
},
{
"status": "affected",
"version": "8.9.111.0"
},
{
"status": "affected",
"version": "8.10.105.0"
},
{
"status": "affected",
"version": "8.10.111.0"
},
{
"status": "affected",
"version": "8.10.130.0"
},
{
"status": "affected",
"version": "8.10.112.0"
},
{
"status": "affected",
"version": "8.10.122.0"
},
{
"status": "affected",
"version": "8.10.113.0"
},
{
"status": "affected",
"version": "8.10.121.0"
},
{
"status": "affected",
"version": "8.10.141.0"
},
{
"status": "affected",
"version": "8.10.142.0"
},
{
"status": "affected",
"version": "8.10.151.0"
},
{
"status": "affected",
"version": "8.10.150.0"
},
{
"status": "affected",
"version": "8.10.171.0"
},
{
"status": "affected",
"version": "8.10.181.0"
},
{
"status": "affected",
"version": "8.10.182.0"
},
{
"status": "affected",
"version": "8.10.161.0"
},
{
"status": "affected",
"version": "8.10.170.0"
},
{
"status": "affected",
"version": "8.10.183.0"
},
{
"status": "affected",
"version": "8.10.162.0"
},
{
"status": "affected",
"version": "8.10.185.0"
}
]
},
{
"product": "Cisco Business Wireless Access Point Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.0.1.0"
},
{
"status": "affected",
"version": "10.0.2.0"
},
{
"status": "affected",
"version": "10.1.1.0"
},
{
"status": "affected",
"version": "10.1.2.0"
},
{
"status": "affected",
"version": "10.2.1.0"
},
{
"status": "affected",
"version": "10.2.2.0"
},
{
"status": "affected",
"version": "10.3.1.0"
},
{
"status": "affected",
"version": "10.3.1.1"
},
{
"status": "affected",
"version": "10.3.2.0"
},
{
"status": "affected",
"version": "1.0.0.13"
},
{
"status": "affected",
"version": "1.0.0.16"
},
{
"status": "affected",
"version": "1.0.0.3"
},
{
"status": "affected",
"version": "1.0.0.39"
},
{
"status": "affected",
"version": "1.0.0.4"
},
{
"status": "affected",
"version": "1.0.0.5"
},
{
"status": "affected",
"version": "1.0.0.7"
},
{
"status": "affected",
"version": "1.0.1.2"
},
{
"status": "affected",
"version": "1.0.1.3"
},
{
"status": "affected",
"version": "1.0.1.4"
},
{
"status": "affected",
"version": "1.0.1.5"
},
{
"status": "affected",
"version": "1.0.1.6"
},
{
"status": "affected",
"version": "1.0.1.7"
},
{
"status": "affected",
"version": "1.0.2.0"
},
{
"status": "affected",
"version": "1.0.2.13"
},
{
"status": "affected",
"version": "1.0.2.14"
},
{
"status": "affected",
"version": "1.0.2.15"
},
{
"status": "affected",
"version": "1.0.2.16"
},
{
"status": "affected",
"version": "1.0.2.17"
},
{
"status": "affected",
"version": "1.0.2.2"
},
{
"status": "affected",
"version": "1.0.2.8"
},
{
"status": "affected",
"version": "1.0.3.1"
},
{
"status": "affected",
"version": "1.0.4.4"
},
{
"status": "affected",
"version": "1.0.4.3"
},
{
"status": "affected",
"version": "1.0.6.6"
},
{
"status": "affected",
"version": "1.0.3.4"
},
{
"status": "affected",
"version": "1.0.6.8"
},
{
"status": "affected",
"version": "1.0.6.2"
},
{
"status": "affected",
"version": "1.0.2.3"
},
{
"status": "affected",
"version": "1.0.5.3"
},
{
"status": "affected",
"version": "1.0.1.10"
},
{
"status": "affected",
"version": "1.0.4.2"
},
{
"status": "affected",
"version": "1.0.6.5"
},
{
"status": "affected",
"version": "1.0.6.7"
},
{
"status": "affected",
"version": "1.0.5.0"
},
{
"status": "affected",
"version": "1.0.0.10"
},
{
"status": "affected",
"version": "1.0.0.12"
},
{
"status": "affected",
"version": "1.0.0.14"
},
{
"status": "affected",
"version": "1.0.0.15"
},
{
"status": "affected",
"version": "1.0.0.17"
},
{
"status": "affected",
"version": "1.0.0.9"
},
{
"status": "affected",
"version": "1.0.1.11"
},
{
"status": "affected",
"version": "1.0.1.12"
},
{
"status": "affected",
"version": "1.0.1.9"
},
{
"status": "affected",
"version": "1.0.2.6"
},
{
"status": "affected",
"version": "1.1.0.5"
},
{
"status": "affected",
"version": "1.1.0.7"
},
{
"status": "affected",
"version": "1.1.0.9"
},
{
"status": "affected",
"version": "1.1.1.0"
},
{
"status": "affected",
"version": "1.1.2.4"
},
{
"status": "affected",
"version": "1.1.4.6"
},
{
"status": "affected",
"version": "1.1.3.2"
},
{
"status": "affected",
"version": "1.1.4.0"
},
{
"status": "affected",
"version": "1.1.0.3"
},
{
"status": "affected",
"version": "1.1.0.4"
},
{
"status": "affected",
"version": "1.1.0.6"
},
{
"status": "affected",
"version": "1.1.2.3"
},
{
"status": "affected",
"version": "10.4.1.0"
},
{
"status": "affected",
"version": "10.4.2.0"
},
{
"status": "affected",
"version": "10.6.1.0"
},
{
"status": "affected",
"version": "10.7.1.0"
},
{
"status": "affected",
"version": "10.8.1.0"
},
{
"status": "affected",
"version": "1.2.0.2"
},
{
"status": "affected",
"version": "1.2.0.3"
},
{
"status": "affected",
"version": "1.2.1.3"
},
{
"status": "affected",
"version": "1.3.0.3"
},
{
"status": "affected",
"version": "1.3.0.4"
},
{
"status": "affected",
"version": "1.3.0.6"
},
{
"status": "affected",
"version": "1.3.0.7"
},
{
"status": "affected",
"version": "10.5.2.0"
}
]
},
{
"product": "Cisco Aironet Access Point Software (IOS XE Controller)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "16.10.1e"
},
{
"status": "affected",
"version": "16.10.1"
},
{
"status": "affected",
"version": "17.1.1t"
},
{
"status": "affected",
"version": "17.1.1s"
},
{
"status": "affected",
"version": "17.1.1"
},
{
"status": "affected",
"version": "16.11.1a"
},
{
"status": "affected",
"version": "16.11.1"
},
{
"status": "affected",
"version": "16.11.1c"
},
{
"status": "affected",
"version": "16.11.1b"
},
{
"status": "affected",
"version": "16.12.1s"
},
{
"status": "affected",
"version": "16.12.4"
},
{
"status": "affected",
"version": "16.12.1"
},
{
"status": "affected",
"version": "16.12.2s"
},
{
"status": "affected",
"version": "16.12.1t"
},
{
"status": "affected",
"version": "16.12.4a"
},
{
"status": "affected",
"version": "16.12.5"
},
{
"status": "affected",
"version": "16.12.3"
},
{
"status": "affected",
"version": "16.12.6"
},
{
"status": "affected",
"version": "16.12.8"
},
{
"status": "affected",
"version": "16.12.7"
},
{
"status": "affected",
"version": "16.12.6a"
},
{
"status": "affected",
"version": "17.3.1"
},
{
"status": "affected",
"version": "17.3.2a"
},
{
"status": "affected",
"version": "17.3.3"
},
{
"status": "affected",
"version": "17.3.4"
},
{
"status": "affected",
"version": "17.3.5"
},
{
"status": "affected",
"version": "17.3.2"
},
{
"status": "affected",
"version": "17.3.4c"
},
{
"status": "affected",
"version": "17.3.5a"
},
{
"status": "affected",
"version": "17.3.5b"
},
{
"status": "affected",
"version": "17.3.6"
},
{
"status": "affected",
"version": "17.2.1"
},
{
"status": "affected",
"version": "17.2.1a"
},
{
"status": "affected",
"version": "17.2.3"
},
{
"status": "affected",
"version": "17.2.2"
},
{
"status": "affected",
"version": "17.5.1"
},
{
"status": "affected",
"version": "17.4.1"
},
{
"status": "affected",
"version": "17.4.2"
},
{
"status": "affected",
"version": "17.6.1"
},
{
"status": "affected",
"version": "17.6.2"
},
{
"status": "affected",
"version": "17.6.3"
},
{
"status": "affected",
"version": "17.6.4"
},
{
"status": "affected",
"version": "17.6.5"
},
{
"status": "affected",
"version": "17.10.1"
},
{
"status": "affected",
"version": "17.9.1"
},
{
"status": "affected",
"version": "17.9.2"
},
{
"status": "affected",
"version": "17.9.3"
},
{
"status": "affected",
"version": "17.9.4"
},
{
"status": "affected",
"version": "17.9.4a"
},
{
"status": "affected",
"version": "17.7.1"
},
{
"status": "affected",
"version": "17.8.1"
},
{
"status": "affected",
"version": "17.11.1"
},
{
"status": "affected",
"version": "17.12.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to insufficient input validation of certain IPv4 packets. An attacker could exploit this vulnerability by sending a crafted IPv4 packet either to or through an affected device. A successful exploit could allow the attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To successfully exploit this vulnerability, the attacker does not need to be associated with the affected AP. This vulnerability cannot be exploited by sending IPv6 packets."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-27T17:05:27.473Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ap-dos-h9TGGX6W",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-h9TGGX6W"
}
],
"source": {
"advisory": "cisco-sa-ap-dos-h9TGGX6W",
"defects": [
"CSCwh00028"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20271",
"datePublished": "2024-03-27T17:05:27.473Z",
"dateReserved": "2023-11-08T15:08:07.624Z",
"dateUpdated": "2024-08-01T21:52:38.878Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3552 (GCVE-0-2020-3552)
Vulnerability from cvelistv5 – Published: 2020-09-24 17:51 – Updated: 2024-11-13 18:01
VLAI?
Summary
A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device.
Severity ?
7.4 (High)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Aironet Access Point Software |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:54.983Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200924 Cisco Aironet Access Points Ethernet Wired Clients Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ethport-dos-xtjTt8pY"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3552",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:23:40.472481Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:01:45.175Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet Access Point Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T17:51:08",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200924 Cisco Aironet Access Points Ethernet Wired Clients Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ethport-dos-xtjTt8pY"
}
],
"source": {
"advisory": "cisco-sa-ap-ethport-dos-xtjTt8pY",
"defect": [
[
"CSCvq94716"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Aironet Access Points Ethernet Wired Clients Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-09-24T16:00:00",
"ID": "CVE-2020-3552",
"STATE": "PUBLIC",
"TITLE": "Cisco Aironet Access Points Ethernet Wired Clients Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Aironet Access Point Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.4",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200924 Cisco Aironet Access Points Ethernet Wired Clients Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ethport-dos-xtjTt8pY"
}
]
},
"source": {
"advisory": "cisco-sa-ap-ethport-dos-xtjTt8pY",
"defect": [
[
"CSCvq94716"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3552",
"datePublished": "2020-09-24T17:51:08.669654Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:01:45.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3559 (GCVE-0-2020-3559)
Vulnerability from cvelistv5 – Published: 2020-09-24 17:51 – Updated: 2024-11-13 18:01
VLAI?
Summary
A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.
Severity ?
6.8 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Aironet Access Point Software |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:54.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200924 Cisco Aironet Access Point Authentication Flood Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-h3DCuLXw"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3559",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:23:42.435777Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:01:53.802Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet Access Point Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T17:51:04",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200924 Cisco Aironet Access Point Authentication Flood Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-h3DCuLXw"
}
],
"source": {
"advisory": "cisco-sa-aironet-dos-h3DCuLXw",
"defect": [
[
"CSCvr68273"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Aironet Access Point Authentication Flood Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-09-24T16:00:00",
"ID": "CVE-2020-3559",
"STATE": "PUBLIC",
"TITLE": "Cisco Aironet Access Point Authentication Flood Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Aironet Access Point Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.8",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200924 Cisco Aironet Access Point Authentication Flood Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-h3DCuLXw"
}
]
},
"source": {
"advisory": "cisco-sa-aironet-dos-h3DCuLXw",
"defect": [
[
"CSCvr68273"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3559",
"datePublished": "2020-09-24T17:51:04.117021Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:01:53.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3560 (GCVE-0-2020-3560)
Vulnerability from cvelistv5 – Published: 2020-09-24 17:50 – Updated: 2024-11-13 18:02
VLAI?
Summary
A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention.
Severity ?
8.6 (High)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Aironet Access Point Software |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:54.978Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200924 Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-VHr2zG9y"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3560",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:12:51.980714Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:02:03.327Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet Access Point Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T17:50:59",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200924 Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-VHr2zG9y"
}
],
"source": {
"advisory": "cisco-sa-aironet-dos-VHr2zG9y",
"defect": [
[
"CSCvr85609",
"CSCvr85614"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-09-24T16:00:00",
"ID": "CVE-2020-3560",
"STATE": "PUBLIC",
"TITLE": "Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Aironet Access Point Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200924 Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-VHr2zG9y"
}
]
},
"source": {
"advisory": "cisco-sa-aironet-dos-VHr2zG9y",
"defect": [
[
"CSCvr85609",
"CSCvr85614"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3560",
"datePublished": "2020-09-24T17:50:59.499854Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:02:03.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20271 (GCVE-0-2024-20271)
Vulnerability from nvd – Published: 2024-03-27 17:05 – Updated: 2024-08-01 21:52
VLAI?
Summary
A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to insufficient input validation of certain IPv4 packets. An attacker could exploit this vulnerability by sending a crafted IPv4 packet either to or through an affected device. A successful exploit could allow the attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To successfully exploit this vulnerability, the attacker does not need to be associated with the affected AP. This vulnerability cannot be exploited by sending IPv6 packets.
Severity ?
8.6 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Aironet Access Point Software |
Affected:
8.2.100.0
Affected: 8.2.130.0 Affected: 8.2.111.0 Affected: 8.2.110.0 Affected: 8.2.121.0 Affected: 8.2.141.0 Affected: 8.2.151.0 Affected: 8.2.160.0 Affected: 8.2.161.0 Affected: 8.2.164.0 Affected: 8.2.166.0 Affected: 8.2.170.0 Affected: 8.2.163.0 Affected: 8.3.102.0 Affected: 8.3.111.0 Affected: 8.3.112.0 Affected: 8.3.121.0 Affected: 8.3.122.0 Affected: 8.3.130.0 Affected: 8.3.131.0 Affected: 8.3.132.0 Affected: 8.3.133.0 Affected: 8.3.140.0 Affected: 8.3.141.0 Affected: 8.3.143.0 Affected: 8.3.150.0 Affected: 8.3.108.0 Affected: 8.3.90.53 Affected: 8.3.104.46 Affected: 8.3.200.200 Affected: 8.3.104.64 Affected: 8.3.15.165 Affected: 8.3.90.11 Affected: 8.3.135.0 Affected: 8.3.104.14 Affected: 8.3.90.36 Affected: 8.3.15.142 Affected: 8.3.104.37 Affected: 8.3.15.117 Affected: 8.3.15.120 Affected: 8.3.15.25 Affected: 8.3.15.158 Affected: 8.3.15.118 Affected: 8.3.90.25 Affected: 8.3.15.169 Affected: 8.3.90.58 Affected: 8.4.100.0 Affected: 8.4.1.199 Affected: 8.4.1.91 Affected: 8.4.1.142 Affected: 8.4.1.175 Affected: 8.4.1.218 Affected: 8.4.1.92 Affected: 8.5.103.0 Affected: 8.5.105.0 Affected: 8.5.110.0 Affected: 8.5.120.0 Affected: 8.5.131.0 Affected: 8.5.140.0 Affected: 8.5.135.0 Affected: 8.5.151.0 Affected: 8.5.101.0 Affected: 8.5.102.0 Affected: 8.5.161.0 Affected: 8.5.160.0 Affected: 8.5.100.0 Affected: 8.5.171.0 Affected: 8.5.164.0 Affected: 8.5.182.0 Affected: 8.5.182.11 ME Affected: 8.7.102.0 Affected: 8.7.106.0 Affected: 8.7.1.16 Affected: 8.8.100.0 Affected: 8.8.111.0 Affected: 8.8.120.0 Affected: 8.8.125.0 Affected: 8.8.130.0 Affected: 8.6.101.0 Affected: 8.6.1.84 Affected: 8.6.1.70 Affected: 8.6.1.71 Affected: 8.9.100.0 Affected: 8.9.111.0 Affected: 8.10.105.0 Affected: 8.10.111.0 Affected: 8.10.130.0 Affected: 8.10.112.0 Affected: 8.10.122.0 Affected: 8.10.113.0 Affected: 8.10.121.0 Affected: 8.10.141.0 Affected: 8.10.142.0 Affected: 8.10.151.0 Affected: 8.10.150.0 Affected: 8.10.171.0 Affected: 8.10.181.0 Affected: 8.10.182.0 Affected: 8.10.161.0 Affected: 8.10.170.0 Affected: 8.10.183.0 Affected: 8.10.162.0 Affected: 8.10.185.0 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.111.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.112.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.113.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.121.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.122.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.130.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.141.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.142.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.150.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.151.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.161.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.162.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.170.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.171.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.181.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.182.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.183.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.10.185.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2\\(100.0\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.110.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.111.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.121.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:aironet_access_point_software:8.2\\(130.0\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.141.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.151.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.160.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.161.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.163.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.164.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.166.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.2.170.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.102.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.104.14:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.104.37:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.104.46:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.104.64:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.108.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.111.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.112.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.121.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.122.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.130.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.131.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.132.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.133.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.135.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.140.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.141.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.143.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.150.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.15.117:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.15.118:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.15.120:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.15.142:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.15.158:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.15.165:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.15.169:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.15.25:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.200.200:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.90.11:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.90.25:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.90.36:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.90.53:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.3.90.58:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.4.100.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.4.1.142:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.4.1.175:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.4.1.199:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.4.1.218:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.4.1.91:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.4.1.92:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.100.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.101.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.102.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.103.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.105.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.110.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.120.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.131.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.135.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.140.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.151.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.160.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.161.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.164.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.171.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.5.182.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.6.101.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.6.1.70:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.6.1.71:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.6.1.84:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.7.102.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.7.106.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.7.1.16:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.8.100.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.8.111.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.8.120.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.8.125.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.8.130.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.9.100.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:aironet_access_point_software:8.9.111.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "aironet_access_point_software",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "8.10.111.0"
},
{
"status": "affected",
"version": "8.10.112.0"
},
{
"status": "affected",
"version": "8.10.113.0"
},
{
"status": "affected",
"version": "8.10.121.0"
},
{
"status": "affected",
"version": "8.10.122.0"
},
{
"status": "affected",
"version": "8.10.130.0"
},
{
"status": "affected",
"version": "8.10.141.0"
},
{
"status": "affected",
"version": "8.10.142.0"
},
{
"status": "affected",
"version": "8.10.150.0"
},
{
"status": "affected",
"version": "8.10.151.0"
},
{
"status": "affected",
"version": "8.10.161.0"
},
{
"status": "affected",
"version": "8.10.162.0"
},
{
"status": "affected",
"version": "8.10.170.0"
},
{
"status": "affected",
"version": "8.10.171.0"
},
{
"status": "affected",
"version": "8.10.181.0"
},
{
"status": "affected",
"version": "8.10.182.0"
},
{
"status": "affected",
"version": "8.10.183.0"
},
{
"status": "affected",
"version": "8.10.185.0"
},
{
"status": "affected",
"version": "8.2\\(100.0\\)"
},
{
"status": "affected",
"version": "8.2.110.0"
},
{
"status": "affected",
"version": "8.2.111.0"
},
{
"status": "affected",
"version": "8.2.121.0"
},
{
"status": "affected",
"version": "8.2\\(130.0\\)"
},
{
"status": "affected",
"version": "8.2.141.0"
},
{
"status": "affected",
"version": "8.2.151.0"
},
{
"status": "affected",
"version": "8.2.160.0"
},
{
"status": "affected",
"version": "8.2.161.0"
},
{
"status": "affected",
"version": "8.2.163.0"
},
{
"status": "affected",
"version": "8.2.164.0"
},
{
"status": "affected",
"version": "8.2.166.0"
},
{
"status": "affected",
"version": "8.2.170.0"
},
{
"status": "affected",
"version": "8.3.102.0"
},
{
"status": "affected",
"version": "8.3.104.14"
},
{
"status": "affected",
"version": "8.3.104.37"
},
{
"status": "affected",
"version": "8.3.104.46"
},
{
"status": "affected",
"version": "8.3.104.64"
},
{
"status": "affected",
"version": "8.3.108.0"
},
{
"status": "affected",
"version": "8.3.111.0"
},
{
"status": "affected",
"version": "8.3.112.0"
},
{
"status": "affected",
"version": "8.3.121.0"
},
{
"status": "affected",
"version": "8.3.122.0"
},
{
"status": "affected",
"version": "8.3.130.0"
},
{
"status": "affected",
"version": "8.3.131.0"
},
{
"status": "affected",
"version": "8.3.132.0"
},
{
"status": "affected",
"version": "8.3.133.0"
},
{
"status": "affected",
"version": "8.3.135.0"
},
{
"status": "affected",
"version": "8.3.140.0"
},
{
"status": "affected",
"version": "8.3.141.0"
},
{
"status": "affected",
"version": "8.3.143.0"
},
{
"status": "affected",
"version": "8.3.150.0"
},
{
"status": "affected",
"version": "8.3.15.117"
},
{
"status": "affected",
"version": "8.3.15.118"
},
{
"status": "affected",
"version": "8.3.15.120"
},
{
"status": "affected",
"version": "8.3.15.142"
},
{
"status": "affected",
"version": "8.3.15.158"
},
{
"status": "affected",
"version": "8.3.15.165"
},
{
"status": "affected",
"version": "8.3.15.169"
},
{
"status": "affected",
"version": "8.3.15.25"
},
{
"status": "affected",
"version": "8.3.200.200"
},
{
"status": "affected",
"version": "8.3.90.11"
},
{
"status": "affected",
"version": "8.3.90.25"
},
{
"status": "affected",
"version": "8.3.90.36"
},
{
"status": "affected",
"version": "8.3.90.53"
},
{
"status": "affected",
"version": "8.3.90.58"
},
{
"status": "affected",
"version": "8.4.100.0"
},
{
"status": "affected",
"version": "8.4.1.142"
},
{
"status": "affected",
"version": "8.4.1.175"
},
{
"status": "affected",
"version": "8.4.1.199"
},
{
"status": "affected",
"version": "8.4.1.218"
},
{
"status": "affected",
"version": "8.4.1.91"
},
{
"status": "affected",
"version": "8.4.1.92"
},
{
"status": "affected",
"version": "8.5.100.0"
},
{
"status": "affected",
"version": "8.5.101.0"
},
{
"status": "affected",
"version": "8.5.102.0"
},
{
"status": "affected",
"version": "8.5.103.0"
},
{
"status": "affected",
"version": "8.5.105.0"
},
{
"status": "affected",
"version": "8.5.110.0"
},
{
"status": "affected",
"version": "8.5.120.0"
},
{
"status": "affected",
"version": "8.5.131.0"
},
{
"status": "affected",
"version": "8.5.135.0"
},
{
"status": "affected",
"version": "8.5.140.0"
},
{
"status": "affected",
"version": "8.5.151.0"
},
{
"status": "affected",
"version": "8.5.160.0"
},
{
"status": "affected",
"version": "8.5.161.0"
},
{
"status": "affected",
"version": "8.5.164.0"
},
{
"status": "affected",
"version": "8.5.171.0"
},
{
"status": "affected",
"version": "8.5.182.0"
},
{
"status": "affected",
"version": "8.6.101.0"
},
{
"status": "affected",
"version": "8.6.1.70"
},
{
"status": "affected",
"version": "8.6.1.71"
},
{
"status": "affected",
"version": "8.6.1.84"
},
{
"status": "affected",
"version": "8.7.102.0"
},
{
"status": "affected",
"version": "8.7.106.0"
},
{
"status": "affected",
"version": "8.7.1.16"
},
{
"status": "affected",
"version": "8.8.100.0"
},
{
"status": "affected",
"version": "8.8.111.0"
},
{
"status": "affected",
"version": "8.8.120.0"
},
{
"status": "affected",
"version": "8.8.125.0"
},
{
"status": "affected",
"version": "8.8.130.0"
},
{
"status": "affected",
"version": "8.9.100.0"
},
{
"status": "affected",
"version": "8.9.111.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20271",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-28T16:39:13.630340Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T13:07:00.717Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:52:38.878Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-ap-dos-h9TGGX6W",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-h9TGGX6W"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet Access Point Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "8.2.100.0"
},
{
"status": "affected",
"version": "8.2.130.0"
},
{
"status": "affected",
"version": "8.2.111.0"
},
{
"status": "affected",
"version": "8.2.110.0"
},
{
"status": "affected",
"version": "8.2.121.0"
},
{
"status": "affected",
"version": "8.2.141.0"
},
{
"status": "affected",
"version": "8.2.151.0"
},
{
"status": "affected",
"version": "8.2.160.0"
},
{
"status": "affected",
"version": "8.2.161.0"
},
{
"status": "affected",
"version": "8.2.164.0"
},
{
"status": "affected",
"version": "8.2.166.0"
},
{
"status": "affected",
"version": "8.2.170.0"
},
{
"status": "affected",
"version": "8.2.163.0"
},
{
"status": "affected",
"version": "8.3.102.0"
},
{
"status": "affected",
"version": "8.3.111.0"
},
{
"status": "affected",
"version": "8.3.112.0"
},
{
"status": "affected",
"version": "8.3.121.0"
},
{
"status": "affected",
"version": "8.3.122.0"
},
{
"status": "affected",
"version": "8.3.130.0"
},
{
"status": "affected",
"version": "8.3.131.0"
},
{
"status": "affected",
"version": "8.3.132.0"
},
{
"status": "affected",
"version": "8.3.133.0"
},
{
"status": "affected",
"version": "8.3.140.0"
},
{
"status": "affected",
"version": "8.3.141.0"
},
{
"status": "affected",
"version": "8.3.143.0"
},
{
"status": "affected",
"version": "8.3.150.0"
},
{
"status": "affected",
"version": "8.3.108.0"
},
{
"status": "affected",
"version": "8.3.90.53"
},
{
"status": "affected",
"version": "8.3.104.46"
},
{
"status": "affected",
"version": "8.3.200.200"
},
{
"status": "affected",
"version": "8.3.104.64"
},
{
"status": "affected",
"version": "8.3.15.165"
},
{
"status": "affected",
"version": "8.3.90.11"
},
{
"status": "affected",
"version": "8.3.135.0"
},
{
"status": "affected",
"version": "8.3.104.14"
},
{
"status": "affected",
"version": "8.3.90.36"
},
{
"status": "affected",
"version": "8.3.15.142"
},
{
"status": "affected",
"version": "8.3.104.37"
},
{
"status": "affected",
"version": "8.3.15.117"
},
{
"status": "affected",
"version": "8.3.15.120"
},
{
"status": "affected",
"version": "8.3.15.25"
},
{
"status": "affected",
"version": "8.3.15.158"
},
{
"status": "affected",
"version": "8.3.15.118"
},
{
"status": "affected",
"version": "8.3.90.25"
},
{
"status": "affected",
"version": "8.3.15.169"
},
{
"status": "affected",
"version": "8.3.90.58"
},
{
"status": "affected",
"version": "8.4.100.0"
},
{
"status": "affected",
"version": "8.4.1.199"
},
{
"status": "affected",
"version": "8.4.1.91"
},
{
"status": "affected",
"version": "8.4.1.142"
},
{
"status": "affected",
"version": "8.4.1.175"
},
{
"status": "affected",
"version": "8.4.1.218"
},
{
"status": "affected",
"version": "8.4.1.92"
},
{
"status": "affected",
"version": "8.5.103.0"
},
{
"status": "affected",
"version": "8.5.105.0"
},
{
"status": "affected",
"version": "8.5.110.0"
},
{
"status": "affected",
"version": "8.5.120.0"
},
{
"status": "affected",
"version": "8.5.131.0"
},
{
"status": "affected",
"version": "8.5.140.0"
},
{
"status": "affected",
"version": "8.5.135.0"
},
{
"status": "affected",
"version": "8.5.151.0"
},
{
"status": "affected",
"version": "8.5.101.0"
},
{
"status": "affected",
"version": "8.5.102.0"
},
{
"status": "affected",
"version": "8.5.161.0"
},
{
"status": "affected",
"version": "8.5.160.0"
},
{
"status": "affected",
"version": "8.5.100.0"
},
{
"status": "affected",
"version": "8.5.171.0"
},
{
"status": "affected",
"version": "8.5.164.0"
},
{
"status": "affected",
"version": "8.5.182.0"
},
{
"status": "affected",
"version": "8.5.182.11 ME"
},
{
"status": "affected",
"version": "8.7.102.0"
},
{
"status": "affected",
"version": "8.7.106.0"
},
{
"status": "affected",
"version": "8.7.1.16"
},
{
"status": "affected",
"version": "8.8.100.0"
},
{
"status": "affected",
"version": "8.8.111.0"
},
{
"status": "affected",
"version": "8.8.120.0"
},
{
"status": "affected",
"version": "8.8.125.0"
},
{
"status": "affected",
"version": "8.8.130.0"
},
{
"status": "affected",
"version": "8.6.101.0"
},
{
"status": "affected",
"version": "8.6.1.84"
},
{
"status": "affected",
"version": "8.6.1.70"
},
{
"status": "affected",
"version": "8.6.1.71"
},
{
"status": "affected",
"version": "8.9.100.0"
},
{
"status": "affected",
"version": "8.9.111.0"
},
{
"status": "affected",
"version": "8.10.105.0"
},
{
"status": "affected",
"version": "8.10.111.0"
},
{
"status": "affected",
"version": "8.10.130.0"
},
{
"status": "affected",
"version": "8.10.112.0"
},
{
"status": "affected",
"version": "8.10.122.0"
},
{
"status": "affected",
"version": "8.10.113.0"
},
{
"status": "affected",
"version": "8.10.121.0"
},
{
"status": "affected",
"version": "8.10.141.0"
},
{
"status": "affected",
"version": "8.10.142.0"
},
{
"status": "affected",
"version": "8.10.151.0"
},
{
"status": "affected",
"version": "8.10.150.0"
},
{
"status": "affected",
"version": "8.10.171.0"
},
{
"status": "affected",
"version": "8.10.181.0"
},
{
"status": "affected",
"version": "8.10.182.0"
},
{
"status": "affected",
"version": "8.10.161.0"
},
{
"status": "affected",
"version": "8.10.170.0"
},
{
"status": "affected",
"version": "8.10.183.0"
},
{
"status": "affected",
"version": "8.10.162.0"
},
{
"status": "affected",
"version": "8.10.185.0"
}
]
},
{
"product": "Cisco Business Wireless Access Point Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.0.1.0"
},
{
"status": "affected",
"version": "10.0.2.0"
},
{
"status": "affected",
"version": "10.1.1.0"
},
{
"status": "affected",
"version": "10.1.2.0"
},
{
"status": "affected",
"version": "10.2.1.0"
},
{
"status": "affected",
"version": "10.2.2.0"
},
{
"status": "affected",
"version": "10.3.1.0"
},
{
"status": "affected",
"version": "10.3.1.1"
},
{
"status": "affected",
"version": "10.3.2.0"
},
{
"status": "affected",
"version": "1.0.0.13"
},
{
"status": "affected",
"version": "1.0.0.16"
},
{
"status": "affected",
"version": "1.0.0.3"
},
{
"status": "affected",
"version": "1.0.0.39"
},
{
"status": "affected",
"version": "1.0.0.4"
},
{
"status": "affected",
"version": "1.0.0.5"
},
{
"status": "affected",
"version": "1.0.0.7"
},
{
"status": "affected",
"version": "1.0.1.2"
},
{
"status": "affected",
"version": "1.0.1.3"
},
{
"status": "affected",
"version": "1.0.1.4"
},
{
"status": "affected",
"version": "1.0.1.5"
},
{
"status": "affected",
"version": "1.0.1.6"
},
{
"status": "affected",
"version": "1.0.1.7"
},
{
"status": "affected",
"version": "1.0.2.0"
},
{
"status": "affected",
"version": "1.0.2.13"
},
{
"status": "affected",
"version": "1.0.2.14"
},
{
"status": "affected",
"version": "1.0.2.15"
},
{
"status": "affected",
"version": "1.0.2.16"
},
{
"status": "affected",
"version": "1.0.2.17"
},
{
"status": "affected",
"version": "1.0.2.2"
},
{
"status": "affected",
"version": "1.0.2.8"
},
{
"status": "affected",
"version": "1.0.3.1"
},
{
"status": "affected",
"version": "1.0.4.4"
},
{
"status": "affected",
"version": "1.0.4.3"
},
{
"status": "affected",
"version": "1.0.6.6"
},
{
"status": "affected",
"version": "1.0.3.4"
},
{
"status": "affected",
"version": "1.0.6.8"
},
{
"status": "affected",
"version": "1.0.6.2"
},
{
"status": "affected",
"version": "1.0.2.3"
},
{
"status": "affected",
"version": "1.0.5.3"
},
{
"status": "affected",
"version": "1.0.1.10"
},
{
"status": "affected",
"version": "1.0.4.2"
},
{
"status": "affected",
"version": "1.0.6.5"
},
{
"status": "affected",
"version": "1.0.6.7"
},
{
"status": "affected",
"version": "1.0.5.0"
},
{
"status": "affected",
"version": "1.0.0.10"
},
{
"status": "affected",
"version": "1.0.0.12"
},
{
"status": "affected",
"version": "1.0.0.14"
},
{
"status": "affected",
"version": "1.0.0.15"
},
{
"status": "affected",
"version": "1.0.0.17"
},
{
"status": "affected",
"version": "1.0.0.9"
},
{
"status": "affected",
"version": "1.0.1.11"
},
{
"status": "affected",
"version": "1.0.1.12"
},
{
"status": "affected",
"version": "1.0.1.9"
},
{
"status": "affected",
"version": "1.0.2.6"
},
{
"status": "affected",
"version": "1.1.0.5"
},
{
"status": "affected",
"version": "1.1.0.7"
},
{
"status": "affected",
"version": "1.1.0.9"
},
{
"status": "affected",
"version": "1.1.1.0"
},
{
"status": "affected",
"version": "1.1.2.4"
},
{
"status": "affected",
"version": "1.1.4.6"
},
{
"status": "affected",
"version": "1.1.3.2"
},
{
"status": "affected",
"version": "1.1.4.0"
},
{
"status": "affected",
"version": "1.1.0.3"
},
{
"status": "affected",
"version": "1.1.0.4"
},
{
"status": "affected",
"version": "1.1.0.6"
},
{
"status": "affected",
"version": "1.1.2.3"
},
{
"status": "affected",
"version": "10.4.1.0"
},
{
"status": "affected",
"version": "10.4.2.0"
},
{
"status": "affected",
"version": "10.6.1.0"
},
{
"status": "affected",
"version": "10.7.1.0"
},
{
"status": "affected",
"version": "10.8.1.0"
},
{
"status": "affected",
"version": "1.2.0.2"
},
{
"status": "affected",
"version": "1.2.0.3"
},
{
"status": "affected",
"version": "1.2.1.3"
},
{
"status": "affected",
"version": "1.3.0.3"
},
{
"status": "affected",
"version": "1.3.0.4"
},
{
"status": "affected",
"version": "1.3.0.6"
},
{
"status": "affected",
"version": "1.3.0.7"
},
{
"status": "affected",
"version": "10.5.2.0"
}
]
},
{
"product": "Cisco Aironet Access Point Software (IOS XE Controller)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "16.10.1e"
},
{
"status": "affected",
"version": "16.10.1"
},
{
"status": "affected",
"version": "17.1.1t"
},
{
"status": "affected",
"version": "17.1.1s"
},
{
"status": "affected",
"version": "17.1.1"
},
{
"status": "affected",
"version": "16.11.1a"
},
{
"status": "affected",
"version": "16.11.1"
},
{
"status": "affected",
"version": "16.11.1c"
},
{
"status": "affected",
"version": "16.11.1b"
},
{
"status": "affected",
"version": "16.12.1s"
},
{
"status": "affected",
"version": "16.12.4"
},
{
"status": "affected",
"version": "16.12.1"
},
{
"status": "affected",
"version": "16.12.2s"
},
{
"status": "affected",
"version": "16.12.1t"
},
{
"status": "affected",
"version": "16.12.4a"
},
{
"status": "affected",
"version": "16.12.5"
},
{
"status": "affected",
"version": "16.12.3"
},
{
"status": "affected",
"version": "16.12.6"
},
{
"status": "affected",
"version": "16.12.8"
},
{
"status": "affected",
"version": "16.12.7"
},
{
"status": "affected",
"version": "16.12.6a"
},
{
"status": "affected",
"version": "17.3.1"
},
{
"status": "affected",
"version": "17.3.2a"
},
{
"status": "affected",
"version": "17.3.3"
},
{
"status": "affected",
"version": "17.3.4"
},
{
"status": "affected",
"version": "17.3.5"
},
{
"status": "affected",
"version": "17.3.2"
},
{
"status": "affected",
"version": "17.3.4c"
},
{
"status": "affected",
"version": "17.3.5a"
},
{
"status": "affected",
"version": "17.3.5b"
},
{
"status": "affected",
"version": "17.3.6"
},
{
"status": "affected",
"version": "17.2.1"
},
{
"status": "affected",
"version": "17.2.1a"
},
{
"status": "affected",
"version": "17.2.3"
},
{
"status": "affected",
"version": "17.2.2"
},
{
"status": "affected",
"version": "17.5.1"
},
{
"status": "affected",
"version": "17.4.1"
},
{
"status": "affected",
"version": "17.4.2"
},
{
"status": "affected",
"version": "17.6.1"
},
{
"status": "affected",
"version": "17.6.2"
},
{
"status": "affected",
"version": "17.6.3"
},
{
"status": "affected",
"version": "17.6.4"
},
{
"status": "affected",
"version": "17.6.5"
},
{
"status": "affected",
"version": "17.10.1"
},
{
"status": "affected",
"version": "17.9.1"
},
{
"status": "affected",
"version": "17.9.2"
},
{
"status": "affected",
"version": "17.9.3"
},
{
"status": "affected",
"version": "17.9.4"
},
{
"status": "affected",
"version": "17.9.4a"
},
{
"status": "affected",
"version": "17.7.1"
},
{
"status": "affected",
"version": "17.8.1"
},
{
"status": "affected",
"version": "17.11.1"
},
{
"status": "affected",
"version": "17.12.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to insufficient input validation of certain IPv4 packets. An attacker could exploit this vulnerability by sending a crafted IPv4 packet either to or through an affected device. A successful exploit could allow the attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To successfully exploit this vulnerability, the attacker does not need to be associated with the affected AP. This vulnerability cannot be exploited by sending IPv6 packets."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-27T17:05:27.473Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ap-dos-h9TGGX6W",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-h9TGGX6W"
}
],
"source": {
"advisory": "cisco-sa-ap-dos-h9TGGX6W",
"defects": [
"CSCwh00028"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20271",
"datePublished": "2024-03-27T17:05:27.473Z",
"dateReserved": "2023-11-08T15:08:07.624Z",
"dateUpdated": "2024-08-01T21:52:38.878Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3552 (GCVE-0-2020-3552)
Vulnerability from nvd – Published: 2020-09-24 17:51 – Updated: 2024-11-13 18:01
VLAI?
Summary
A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device.
Severity ?
7.4 (High)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Aironet Access Point Software |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:54.983Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200924 Cisco Aironet Access Points Ethernet Wired Clients Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ethport-dos-xtjTt8pY"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3552",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:23:40.472481Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:01:45.175Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet Access Point Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T17:51:08",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200924 Cisco Aironet Access Points Ethernet Wired Clients Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ethport-dos-xtjTt8pY"
}
],
"source": {
"advisory": "cisco-sa-ap-ethport-dos-xtjTt8pY",
"defect": [
[
"CSCvq94716"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Aironet Access Points Ethernet Wired Clients Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-09-24T16:00:00",
"ID": "CVE-2020-3552",
"STATE": "PUBLIC",
"TITLE": "Cisco Aironet Access Points Ethernet Wired Clients Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Aironet Access Point Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.4",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200924 Cisco Aironet Access Points Ethernet Wired Clients Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ethport-dos-xtjTt8pY"
}
]
},
"source": {
"advisory": "cisco-sa-ap-ethport-dos-xtjTt8pY",
"defect": [
[
"CSCvq94716"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3552",
"datePublished": "2020-09-24T17:51:08.669654Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:01:45.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3559 (GCVE-0-2020-3559)
Vulnerability from nvd – Published: 2020-09-24 17:51 – Updated: 2024-11-13 18:01
VLAI?
Summary
A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.
Severity ?
6.8 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Aironet Access Point Software |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:54.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200924 Cisco Aironet Access Point Authentication Flood Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-h3DCuLXw"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3559",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:23:42.435777Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:01:53.802Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet Access Point Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T17:51:04",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200924 Cisco Aironet Access Point Authentication Flood Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-h3DCuLXw"
}
],
"source": {
"advisory": "cisco-sa-aironet-dos-h3DCuLXw",
"defect": [
[
"CSCvr68273"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Aironet Access Point Authentication Flood Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-09-24T16:00:00",
"ID": "CVE-2020-3559",
"STATE": "PUBLIC",
"TITLE": "Cisco Aironet Access Point Authentication Flood Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Aironet Access Point Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.8",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200924 Cisco Aironet Access Point Authentication Flood Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-h3DCuLXw"
}
]
},
"source": {
"advisory": "cisco-sa-aironet-dos-h3DCuLXw",
"defect": [
[
"CSCvr68273"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3559",
"datePublished": "2020-09-24T17:51:04.117021Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:01:53.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3560 (GCVE-0-2020-3560)
Vulnerability from nvd – Published: 2020-09-24 17:50 – Updated: 2024-11-13 18:02
VLAI?
Summary
A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention.
Severity ?
8.6 (High)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Aironet Access Point Software |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:54.978Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200924 Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-VHr2zG9y"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3560",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:12:51.980714Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:02:03.327Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet Access Point Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T17:50:59",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200924 Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-VHr2zG9y"
}
],
"source": {
"advisory": "cisco-sa-aironet-dos-VHr2zG9y",
"defect": [
[
"CSCvr85609",
"CSCvr85614"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-09-24T16:00:00",
"ID": "CVE-2020-3560",
"STATE": "PUBLIC",
"TITLE": "Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Aironet Access Point Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200924 Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-VHr2zG9y"
}
]
},
"source": {
"advisory": "cisco-sa-aironet-dos-VHr2zG9y",
"defect": [
[
"CSCvr85609",
"CSCvr85614"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3560",
"datePublished": "2020-09-24T17:50:59.499854Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:02:03.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}