cisco-sa-wifi-faf-22epcewu
Vulnerability from csaf_cisco
Published
2021-05-11 18:00
Modified
2021-12-15 15:47
Summary
Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021
Notes
Summary
On May 11, 2021, the research paper Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation was made public. This paper discusses 12 vulnerabilities in the 802.11 standard. One vulnerability is in the frame aggregation functionality, two vulnerabilities are in the frame fragmentation functionality, and the other nine are implementation vulnerabilities. These vulnerabilities could allow an attacker to forge encrypted frames, which could in turn enable the exfiltration of sensitive data from a targeted device.
This advisory will be updated as additional information becomes available.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"]
Affected Products
Cisco is investigating its product line to determine which products may be affected by these vulnerabilities. As the investigation progresses, Cisco will update this advisory with information about affected products.
Vulnerable Products
The following table lists Cisco products that are affected by the vulnerabilities that are described in this advisory. If a future release date is indicated for software, the date provided represents an estimate based on all information known to Cisco as of the Last Updated date at the top of the advisory. Availability dates are subject to change based on a number of factors, including satisfactory testing results and delivery of other priority features and fixes. If no version or date is listed for an affected component (indicated by a blank field and/or an advisory designation of Interim), Cisco is continuing to evaluate the fix and will update the advisory as additional information becomes available. After the advisory is marked Final, customers should refer to the associated Cisco bug(s) for further details.
CVE ID Cisco Bug ID Fixed Release Availability ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"] Aironet 1532 APs, AP803 Integrated AP on IR829 Industrial Integrated Services Routers CVE-2020-24586 CSCvy32690 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32690"] 8.5MR8
8.10MR6 CVE-2020-24587 CSCvy32690 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32690"] 8.5MR8
8.10MR6 CVE-2020-24588 CSCvy32690 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32690"] 8.5MR8
8.10MR6 CVE-2020-26139 Not affected N/A CVE-2020-26140 Not affected N/A CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 Not affected N/A CVE-2020-26144 Not affected N/A CVE-2020-26145 Not affected N/A CVE-2020-26146 Not affected N/A CVE-2020-26147 Not affected N/A Aironet 1542 APs, Aironet 1810 APs, Aironet 1815 APs, Aironet 1832 APs, Aironet 1842 APs, Aironet 1852 APs, Aironet 1800i APs CVE-2020-24586 Not affected N/A CVE-2020-24587 CSCvx24420 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420"] 8.5MR8
8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-24588 CSCvx24420 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420"] 8.5MR8
8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-26139 CSCvx24420 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420"] 8.5MR8
8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-26140 Not affected N/A CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 Not affected N/A CVE-2020-26144 Not affected N/A CVE-2020-26145 CSCvx24420 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420"] 8.5MR8
8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-26146 CSCvx24420 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420"] 8.5MR8
8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-26147 Not affected N/A Aironet 1552 APs, Aironet 1552H APs, Aironet 1572 APs, Aironet 1702 APs, Aironet 2702 APs, Aironet 3702 APs, IW 3702 APs CVE-2020-24586 CSCvy32680 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32680"] 8.5MR8
8.10MR6
16.12.6
17.3.4 CVE-2020-24587 CSCvy32680 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32680"] 8.5MR8
8.10MR6
16.12.6
17.3.4 CVE-2020-24588 Not affected N/A CVE-2020-26139 Not affected N/A CVE-2020-26140 Not affected N/A CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 Not affected N/A CVE-2020-26144 Not affected N/A CVE-2020-26145 Not affected N/A CVE-2020-26146 Not affected N/A CVE-2020-26147 Not affected N/A Aironet 1560 Series APs, Aironet 2800 Series APs, Aironet Series 3800 APs, Aironet Series 4800 APs, Catalyst IW 6300 APs, 6300 Series Embedded Services APs (ESW6300) CVE-2020-24586 CSCvx24449 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24449"] 8.5MR8
8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-24587 CSCvx24449 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24449"] 8.5MR8
8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-24588 Not affected N/A CVE-2020-26139 Not affected N/A CVE-2020-26140 CSCvy36698 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy36698"] 8.5MR8
8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 CSCvy36698 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy36698"] 8.5MR8
8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-26144 Not affected N/A CVE-2020-26145 Not affected N/A CVE-2020-26146 CSCvy36698 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy36698"] 8.5MR8
8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-26147 CSCvy36698 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy36698"] 8.5MR8
8.10MR6
16.12.6
17.3.4
17.6.1 Catalyst 9105 APs, Catalyst 9115 APs, Catalyst 9120 APs, Integrated AP on 1100 Integrated Services Routers CVE-2020-24586 CSCvx24425 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24425"] 8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-24587 CSCvx24425 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24425"] 8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-24588 CSCvx24425 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24425"] 8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-26139 Not affected N/A CVE-2020-26140 Not affected N/A CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 Not affected N/A CVE-2020-26144 Not affected N/A CVE-2020-26145 Not affected N/A CVE-2020-26146 Not affected N/A CVE-2020-26147 Not affected N/A Catalyst 9117 APs CVE-2020-24586 CSCvx24439 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439"] 8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-24587 CSCvx24439 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439"] 8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-24588 CSCvx24439 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439"] 8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-26139 CSCvx24439 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439"] 8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-26140 Not affected N/A CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 Not affected N/A CVE-2020-26144 CSCvx24439 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439"] 8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-26145 CSCvx24439 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439"] 8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-26146 CSCvx24439 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439"] 8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-26147 Not affected N/A Catalyst 9124 APs1, Catalyst 9130 APs CVE-2020-24586 CSCvx24428 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428"]
CSCvx24452 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452"]
CSCvx24456 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456"] 8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-24587 CSCvx24428 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428"]
CSCvx24452 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452"]
CSCvx24456 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456"] 8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-24588 CSCvx24428 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428"]
CSCvx24452 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452"]
CSCvx24456 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456"] 8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-26139 CSCvx24428 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428"]
CSCvx24452 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452"]
CSCvx24456 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456"] 8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-26140 Not affected N/A CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 Not affected N/A CVE-2020-26144 CSCvx24428 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428"]
CSCvx24452 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452"]
CSCvx24456 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456"] 8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-26145 CSCvx24428 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428"]
CSCvx24452 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452"]
CSCvx24456 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456"] 8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-26146 CSCvx24428 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428"]
CSCvx24452 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452"]
CSCvx24456 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456"] 8.10MR6
16.12.6
17.3.4
17.6.1 CVE-2020-26147 Not affected N/A 1. Catalyst 9124 APs were not supported until Release 17.5, and the fix will be available in Release 17.6.1 Meraki GR10, GR60, MR20, MR30H, MR33, MR36, MR42, MR42E, MR44, MR45, MR46, MR46E, MR52, MR53, MR53E, MR55, MR56, MR70, MR74, MR76, MR84, MR86 CVE-2020-24586 No bug ID MR 27.7.1 CVE-2020-24587 No bug ID MR 27.7.1 CVE-2020-24588 No bug ID MR 27.7.1 CVE-2020-26139 No bug ID MR 27.7.1 CVE-2020-26140 No bug ID MR 27.7.1 CVE-2020-26141 No bug ID MR 27.7.1 CVE-2020-26142 No bug ID MR 27.7.1 CVE-2020-26143 No bug ID MR 27.7.1 CVE-2020-26144 No bug ID MR 27.7.1 CVE-2020-26145 No bug ID MR 27.7.1 CVE-2020-26146 No bug ID MR 27.7.1 CVE-2020-26147 No bug ID MR 27.7.1 Meraki MR12, MR18, MR26, MR32, MR34, MR62, MR66, MR72 CVE-2020-24586 No bug ID MR 26.8.3 CVE-2020-24587 No bug ID MR 26.8.3 CVE-2020-24588 No bug ID MR 26.8.3 CVE-2020-26139 No bug ID MR 26.8.3 CVE-2020-26140 No bug ID MR 26.8.3 CVE-2020-26141 No bug ID MR 26.8.3 CVE-2020-26142 No bug ID MR 26.8.3 CVE-2020-26143 No bug ID MR 26.8.3 CVE-2020-26144 No bug ID MR 26.8.3 CVE-2020-26145 No bug ID MR 26.8.3 CVE-2020-26146 No bug ID MR 26.8.3 CVE-2020-26147 No bug ID MR 26.8.3 Meraki MX64W, MX65W, MX67W, MX67CW, MX68W, MX68CW, Z3, Z3C1 CVE-2020-24586 No bug ID MX 17.0 CVE-2020-24587 No bug ID MX 17.0 CVE-2020-24588 No bug ID MX 17.0 CVE-2020-26139 No bug ID MX 17.0 CVE-2020-26140 No bug ID MX 17.0 CVE-2020-26141 No bug ID MX 17.0 CVE-2020-26142 No bug ID MX 17.0 CVE-2020-26143 No bug ID MX 17.0 CVE-2020-26144 No bug ID MX 17.0 CVE-2020-26145 No bug ID MX 17.0 CVE-2020-26146 No bug ID MX 17.0 CVE-2020-26147 No bug ID MX 17.0 1. Cisco will not fix these vulnerabilities in the following Cisco Meraki products: MX60W and Z1 IP Phone 8861, IP Phone 8865, and IP Conference Phone 8832 CVE-2020-24586 CSCvx60997 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997"] 14.1(1) CVE-2020-24587 CSCvx60997 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997"] 14.1(1) CVE-2020-24588 CSCvx60997 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997"] 14.1(1) CVE-2020-26139 CSCvx60997 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997"] 14.1(1) CVE-2020-26140 CSCvx60997 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997"] 14.1(1) CVE-2020-26141 CSCvx60997 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997"] 14.1(1) CVE-2020-26142 CSCvx60997 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997"] 14.1(1) CVE-2020-26143 CSCvx60997 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997"] 14.1(1) CVE-2020-26144 CSCvx60997 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997"] 14.1(1) CVE-2020-26145 CSCvx60997 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997"] 14.1(1) CVE-2020-26146 CSCvx60997 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997"] 14.1(1) CVE-2020-26147 CSCvx60997 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997"] 14.1(1) IP Phone 6861 and IP Phone 8861 Running Third-Party Call Control (3PCC) Software CVE-2020-24586 CSCvx61001 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001"] 11.3(5) CVE-2020-24587 CSCvx61001 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001"] 11.3(5) CVE-2020-24588 CSCvx61001 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001"] 11.3(5) CVE-2020-26139 CSCvx61001 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001"] 11.3(5) CVE-2020-26140 CSCvx61001 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001"] 11.3(5) CVE-2020-26141 CSCvx61001 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001"] 11.3(5) CVE-2020-26142 CSCvx61001 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001"] 11.3(5) CVE-2020-26143 CSCvx61001 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001"] 11.3(5) CVE-2020-26144 CSCvx61001 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001"] 11.3(5) CVE-2020-26145 CSCvx61001 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001"] 11.3(5) CVE-2020-26146 CSCvx61001 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001"] 11.3(5) CVE-2020-26147 CSCvx61001 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001"] 11.3(5) Wireless IP Phone 8821 CVE-2020-24586 CSCvx61012 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012"] 11.0(6)SR2 CVE-2020-24587 CSCvx61012 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012"] 11.0(6)SR2 CVE-2020-24588 CSCvx61012 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012"] 11.0(6)SR2 CVE-2020-26139 CSCvx61012 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012"] 11.0(6)SR2 CVE-2020-26140 CSCvx61012 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012"] 11.0(6)SR2 CVE-2020-26141 CSCvx61012 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012"] 11.0(6)SR2 CVE-2020-26142 CSCvx61012 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012"] 11.0(6)SR2 CVE-2020-26143 CSCvx61012 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012"] 11.0(6)SR2 CVE-2020-26144 CSCvx61012 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012"] 11.0(6)SR2 CVE-2020-26145 CSCvx61012 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012"] 11.0(6)SR2 CVE-2020-26146 CSCvx61012 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012"] 11.0(6)SR2 CVE-2020-26147 CSCvx61012 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012"] 11.0(6)SR2 Webex Desk Series and Webex Room Series CVE-2020-24586 CSCvx89821 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821"] 1.2(0)SR1 CVE-2020-24587 CSCvx89821 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821"] 1.2(0)SR1 CVE-2020-24588 CSCvx89821 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821"] 1.2(0)SR1 CVE-2020-26139 CSCvx89821 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821"] 1.2(0)SR1 CVE-2020-26140 CSCvx89821 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821"] 1.2(0)SR1 CVE-2020-26141 CSCvx89821 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821"] 1.2(0)SR1 CVE-2020-26142 CSCvx89821 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821"] 1.2(0)SR1 CVE-2020-26143 CSCvx89821 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821"] 1.2(0)SR1 CVE-2020-26144 CSCvx89821 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821"] 1.2(0)SR1 CVE-2020-26145 CSCvx89821 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821"] 1.2(0)SR1 CVE-2020-26146 CSCvx89821 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821"] 1.2(0)SR1 CVE-2020-26147 CSCvx89821 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821"] 1.2(0)SR1 Webex Board Series CVE-2020-24586 CSCvx61020 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020"] 10.8.2.5 CVE-2020-24587 CSCvx61020 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020"] 10.8.2.5 CVE-2020-24588 CSCvx61020 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020"] 10.8.2.5 CVE-2020-26139 CSCvx61020 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020"] 10.8.2.5 CVE-2020-26140 CSCvx61020 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020"] 10.8.2.5 CVE-2020-26141 CSCvx61020 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020"] 10.8.2.5 CVE-2020-26142 CSCvx61020 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020"] 10.8.2.5 CVE-2020-26143 CSCvx61020 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020"] 10.8.2.5 CVE-2020-26144 CSCvx61020 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020"] 10.8.2.5 CVE-2020-26145 CSCvx61020 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020"] 10.8.2.5 CVE-2020-26146 CSCvx61020 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020"] 10.8.2.5 CVE-2020-26147 CSCvx61020 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020"] 10.8.2.5 Webex Wireless Phone 840 and 860 CVE-2020-24586 CSCvx62886 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886"] 1.4(0) CVE-2020-24587 CSCvx62886 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886"] 1.4(0) CVE-2020-24588 CSCvx62886 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886"] 1.4(0) CVE-2020-26139 CSCvx62886 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886"] 1.4(0) CVE-2020-26140 CSCvx62886 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886"] 1.4(0) CVE-2020-26141 CSCvx62886 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886"] 1.4(0) CVE-2020-26142 CSCvx62886 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886"] 1.4(0) CVE-2020-26143 CSCvx62886 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886"] 1.4(0) CVE-2020-26144 CSCvx62886 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886"] 1.4(0) CVE-2020-26145 CSCvx62886 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886"] 1.4(0) CVE-2020-26146 CSCvx62886 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886"] 1.4(0) CVE-2020-26147 CSCvx62886 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886"] 1.4(0)
Products Confirmed Not Vulnerable
Only products listed in the Vulnerable Products ["#vp"] section of this advisory are known to be affected by this vulnerability.
Details
The vulnerabilities are not dependent on one another. Exploitation of one of the vulnerabilities is not required to exploit another vulnerability. In addition, a software release that is affected by one of the vulnerabilities may not be affected by the other vulnerabilities.
For a description of the following vulnerabilities, see Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation ["https://papers.mathyvanhoef.com/usenix2021.pdf"].
For additional information, see FragAttacks ["https://fragattacks.com/"].
CVE-2020-26140: Accepting plaintext data frames in a protected network
Security Impact Rating (SIR): Medium
CVSS Base Score: 6.5
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2020-26143: Accepting fragmented plaintext data frames in a protected network
Security Impact Rating (SIR): Medium
CVSS Base Score: 6.5
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2020-26144: Accepting plaintext A-MSDU frames that start with an RFC1042 header with EtherType EAPOL (in an encrypted network)
Security Impact Rating (SIR): Medium
CVSS Base Score: 6.5
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2020-26145: Accepting plaintext broadcast fragments as full frames (in an encrypted network)
Security Impact Rating (SIR): Medium
CVSS Base Score: 6.5
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2020-24586: Not clearing fragments from memory when (re)connecting to a network
Security Impact Rating (SIR): Medium
CVSS Base Score: 5.7
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2020-24588: Accepting non-SPP A-MSDU frames
Security Impact Rating (SIR): Medium
CVSS Base Score: 5.7
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2020-26139: Forwarding EAPOL frames even though the sender is not yet authenticated
Security Impact Rating (SIR): Medium
CVSS Base Score: 5.7
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2020-26141: Not verifying the TKIP MIC of fragmented frames
Security Impact Rating (SIR): Medium
CVSS Base Score: 5.7
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2020-26142: Processing fragmented frames as full frames
Security Impact Rating (SIR): Medium
CVSS Base Score: 5.7
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2020-24587: Reassembling fragments encrypted under different keys
Security Impact Rating (SIR): Medium
CVSS Base Score: 4.8
CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2020-26146: Reassembling encrypted fragments with non-consecutive packet numbers
Security Impact Rating (SIR): Medium
CVSS Base Score: 4.8
CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2020-26147: Reassembling mixed encrypted/plaintext fragments
Security Impact Rating (SIR): Medium
CVSS Base Score: 4.8
CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
Workarounds
There are no workarounds that address these vulnerabilities.
Fixed Software
For information about fixed software releases ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"], consult the Cisco bugs identified in the Vulnerable Products ["#vp"] section of this advisory.
When considering software upgrades ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page ["https://www.cisco.com/go/psirt"], to determine exposure and a complete upgrade solution.
In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.
Vulnerability Policy
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
Exploitation and Public Announcements
The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.
The Cisco PSIRT is not aware of any malicious use of the vulnerabilities that are described in this advisory.
Source
These vulnerabilities were reported to Cisco by Dr. Mathy Vanhoef of New York University Abu Dhabi. Cisco would like to thank Dr. Vanhoef for his continued help and support during the handling of these vulnerabilities.
Legal Disclaimer
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.
{ "document": { "acknowledgments": [ { "summary": "These vulnerabilities were reported to Cisco by Dr. Mathy Vanhoef of New York University Abu Dhabi. Cisco would like to thank Dr. Vanhoef for his continued help and support during the handling of these vulnerabilities." } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "notes": [ { "category": "summary", "text": "On May 11, 2021, the research paper Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation was made public. This paper discusses 12 vulnerabilities in the 802.11 standard. One vulnerability is in the frame aggregation functionality, two vulnerabilities are in the frame fragmentation functionality, and the other nine are implementation vulnerabilities. These vulnerabilities could allow an attacker to forge encrypted frames, which could in turn enable the exfiltration of sensitive data from a targeted device.\r\n\r\nThis advisory will be updated as additional information becomes available.\r\n\r\nThis advisory is available at the following link:\r\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu [\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu\"]", "title": "Summary" }, { "category": "general", "text": "Cisco is investigating its product line to determine which products may be affected by these vulnerabilities. As the investigation progresses, Cisco will update this advisory with information about affected products.", "title": "Affected Products" }, { "category": "general", "text": "The following table lists Cisco products that are affected by the vulnerabilities that are described in this advisory. If a future release date is indicated for software, the date provided represents an estimate based on all information known to Cisco as of the Last Updated date at the top of the advisory. Availability dates are subject to change based on a number of factors, including satisfactory testing results and delivery of other priority features and fixes. If no version or date is listed for an affected component (indicated by a blank field and/or an advisory designation of Interim), Cisco is continuing to evaluate the fix and will update the advisory as additional information becomes available. After the advisory is marked Final, customers should refer to the associated Cisco bug(s) for further details.\r\n CVE ID Cisco Bug ID Fixed Release Availability [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"] Aironet 1532 APs, AP803 Integrated AP on IR829 Industrial Integrated Services Routers CVE-2020-24586 CSCvy32690 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32690\"] 8.5MR8\r\n8.10MR6 CVE-2020-24587 CSCvy32690 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32690\"] 8.5MR8\r\n8.10MR6 CVE-2020-24588 CSCvy32690 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32690\"] 8.5MR8\r\n8.10MR6 CVE-2020-26139 Not affected N/A CVE-2020-26140 Not affected N/A CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 Not affected N/A CVE-2020-26144 Not affected N/A CVE-2020-26145 Not affected N/A CVE-2020-26146 Not affected N/A CVE-2020-26147 Not affected N/A Aironet 1542 APs, Aironet 1810 APs, Aironet 1815 APs, Aironet 1832 APs, Aironet 1842 APs, Aironet 1852 APs, Aironet 1800i APs CVE-2020-24586 Not affected N/A CVE-2020-24587 CSCvx24420 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-24588 CSCvx24420 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26139 CSCvx24420 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26140 Not affected N/A CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 Not affected N/A CVE-2020-26144 Not affected N/A CVE-2020-26145 CSCvx24420 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26146 CSCvx24420 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26147 Not affected N/A Aironet 1552 APs, Aironet 1552H APs, Aironet 1572 APs, Aironet 1702 APs, Aironet 2702 APs, Aironet 3702 APs, IW 3702 APs CVE-2020-24586 CSCvy32680 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32680\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4 CVE-2020-24587 CSCvy32680 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32680\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4 CVE-2020-24588 Not affected N/A CVE-2020-26139 Not affected N/A CVE-2020-26140 Not affected N/A CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 Not affected N/A CVE-2020-26144 Not affected N/A CVE-2020-26145 Not affected N/A CVE-2020-26146 Not affected N/A CVE-2020-26147 Not affected N/A Aironet 1560 Series APs, Aironet 2800 Series APs, Aironet Series 3800 APs, Aironet Series 4800 APs, Catalyst IW 6300 APs, 6300 Series Embedded Services APs (ESW6300) CVE-2020-24586 CSCvx24449 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24449\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-24587 CSCvx24449 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24449\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-24588 Not affected N/A CVE-2020-26139 Not affected N/A CVE-2020-26140 CSCvy36698 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy36698\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 CSCvy36698 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy36698\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26144 Not affected N/A CVE-2020-26145 Not affected N/A CVE-2020-26146 CSCvy36698 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy36698\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26147 CSCvy36698 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy36698\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 Catalyst 9105 APs, Catalyst 9115 APs, Catalyst 9120 APs, Integrated AP on 1100 Integrated Services Routers CVE-2020-24586 CSCvx24425 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24425\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-24587 CSCvx24425 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24425\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-24588 CSCvx24425 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24425\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26139 Not affected N/A CVE-2020-26140 Not affected N/A CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 Not affected N/A CVE-2020-26144 Not affected N/A CVE-2020-26145 Not affected N/A CVE-2020-26146 Not affected N/A CVE-2020-26147 Not affected N/A Catalyst 9117 APs CVE-2020-24586 CSCvx24439 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-24587 CSCvx24439 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-24588 CSCvx24439 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26139 CSCvx24439 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26140 Not affected N/A CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 Not affected N/A CVE-2020-26144 CSCvx24439 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26145 CSCvx24439 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26146 CSCvx24439 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26147 Not affected N/A Catalyst 9124 APs1, Catalyst 9130 APs CVE-2020-24586 CSCvx24428 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428\"]\r\nCSCvx24452 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452\"]\r\nCSCvx24456 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-24587 CSCvx24428 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428\"]\r\nCSCvx24452 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452\"]\r\nCSCvx24456 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-24588 CSCvx24428 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428\"]\r\nCSCvx24452 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452\"]\r\nCSCvx24456 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26139 CSCvx24428 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428\"]\r\nCSCvx24452 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452\"]\r\nCSCvx24456 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26140 Not affected N/A CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 Not affected N/A CVE-2020-26144 CSCvx24428 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428\"]\r\nCSCvx24452 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452\"]\r\nCSCvx24456 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26145 CSCvx24428 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428\"]\r\nCSCvx24452 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452\"]\r\nCSCvx24456 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26146 CSCvx24428 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428\"]\r\nCSCvx24452 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452\"]\r\nCSCvx24456 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26147 Not affected N/A 1. Catalyst 9124 APs were not supported until Release 17.5, and the fix will be available in Release 17.6.1 Meraki GR10, GR60, MR20, MR30H, MR33, MR36, MR42, MR42E, MR44, MR45, MR46, MR46E, MR52, MR53, MR53E, MR55, MR56, MR70, MR74, MR76, MR84, MR86 CVE-2020-24586 No bug ID MR 27.7.1 CVE-2020-24587 No bug ID MR 27.7.1 CVE-2020-24588 No bug ID MR 27.7.1 CVE-2020-26139 No bug ID MR 27.7.1 CVE-2020-26140 No bug ID MR 27.7.1 CVE-2020-26141 No bug ID MR 27.7.1 CVE-2020-26142 No bug ID MR 27.7.1 CVE-2020-26143 No bug ID MR 27.7.1 CVE-2020-26144 No bug ID MR 27.7.1 CVE-2020-26145 No bug ID MR 27.7.1 CVE-2020-26146 No bug ID MR 27.7.1 CVE-2020-26147 No bug ID MR 27.7.1 Meraki MR12, MR18, MR26, MR32, MR34, MR62, MR66, MR72 CVE-2020-24586 No bug ID MR 26.8.3 CVE-2020-24587 No bug ID MR 26.8.3 CVE-2020-24588 No bug ID MR 26.8.3 CVE-2020-26139 No bug ID MR 26.8.3 CVE-2020-26140 No bug ID MR 26.8.3 CVE-2020-26141 No bug ID MR 26.8.3 CVE-2020-26142 No bug ID MR 26.8.3 CVE-2020-26143 No bug ID MR 26.8.3 CVE-2020-26144 No bug ID MR 26.8.3 CVE-2020-26145 No bug ID MR 26.8.3 CVE-2020-26146 No bug ID MR 26.8.3 CVE-2020-26147 No bug ID MR 26.8.3 Meraki MX64W, MX65W, MX67W, MX67CW, MX68W, MX68CW, Z3, Z3C1 CVE-2020-24586 No bug ID MX 17.0 CVE-2020-24587 No bug ID MX 17.0 CVE-2020-24588 No bug ID MX 17.0 CVE-2020-26139 No bug ID MX 17.0 CVE-2020-26140 No bug ID MX 17.0 CVE-2020-26141 No bug ID MX 17.0 CVE-2020-26142 No bug ID MX 17.0 CVE-2020-26143 No bug ID MX 17.0 CVE-2020-26144 No bug ID MX 17.0 CVE-2020-26145 No bug ID MX 17.0 CVE-2020-26146 No bug ID MX 17.0 CVE-2020-26147 No bug ID MX 17.0 1. Cisco will not fix these vulnerabilities in the following Cisco Meraki products: MX60W and Z1 IP Phone 8861, IP Phone 8865, and IP Conference Phone 8832 CVE-2020-24586 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-24587 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-24588 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-26139 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-26140 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-26141 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-26142 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-26143 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-26144 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-26145 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-26146 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-26147 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) IP Phone 6861 and IP Phone 8861 Running Third-Party Call Control (3PCC) Software CVE-2020-24586 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-24587 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-24588 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-26139 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-26140 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-26141 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-26142 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-26143 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-26144 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-26145 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-26146 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-26147 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) Wireless IP Phone 8821 CVE-2020-24586 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-24587 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-24588 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-26139 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-26140 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-26141 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-26142 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-26143 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-26144 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-26145 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-26146 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-26147 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 Webex Desk Series and Webex Room Series CVE-2020-24586 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-24587 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-24588 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-26139 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-26140 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-26141 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-26142 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-26143 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-26144 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-26145 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-26146 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-26147 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 Webex Board Series CVE-2020-24586 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-24587 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-24588 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-26139 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-26140 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-26141 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-26142 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-26143 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-26144 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-26145 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-26146 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-26147 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 Webex Wireless Phone 840 and 860 CVE-2020-24586 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-24587 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-24588 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-26139 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-26140 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-26141 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-26142 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-26143 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-26144 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-26145 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-26146 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-26147 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0)", "title": "Vulnerable Products" }, { "category": "general", "text": "Only products listed in the Vulnerable Products [\"#vp\"] section of this advisory are known to be affected by this vulnerability.", "title": "Products Confirmed Not Vulnerable" }, { "category": "general", "text": "The vulnerabilities are not dependent on one another. Exploitation of one of the vulnerabilities is not required to exploit another vulnerability. In addition, a software release that is affected by one of the vulnerabilities may not be affected by the other vulnerabilities.\r\n\r\nFor a description of the following vulnerabilities, see Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation [\"https://papers.mathyvanhoef.com/usenix2021.pdf\"].\r\n\r\nFor additional information, see FragAttacks [\"https://fragattacks.com/\"].\r\n\r\nCVE-2020-26140: Accepting plaintext data frames in a protected network\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 6.5\r\nCVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\r\n\r\nCVE-2020-26143: Accepting fragmented plaintext data frames in a protected network\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 6.5\r\nCVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\r\n\r\nCVE-2020-26144: Accepting plaintext A-MSDU frames that start with an RFC1042 header with EtherType EAPOL (in an encrypted network)\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 6.5\r\nCVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\r\n\r\nCVE-2020-26145: Accepting plaintext broadcast fragments as full frames (in an encrypted network)\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 6.5\r\nCVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\r\n\r\nCVE-2020-24586: Not clearing fragments from memory when (re)connecting to a network\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 5.7\r\nCVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\r\n\r\nCVE-2020-24588: Accepting non-SPP A-MSDU frames\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 5.7\r\nCVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\r\n\r\nCVE-2020-26139: Forwarding EAPOL frames even though the sender is not yet authenticated\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 5.7\r\nCVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L\r\n\r\nCVE-2020-26141: Not verifying the TKIP MIC of fragmented frames\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 5.7\r\nCVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\r\n\r\nCVE-2020-26142: Processing fragmented frames as full frames\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 5.7\r\nCVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\r\n\r\nCVE-2020-24587: Reassembling fragments encrypted under different keys\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 4.8\r\nCVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N\r\n\r\nCVE-2020-26146: Reassembling encrypted fragments with non-consecutive packet numbers\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 4.8\r\nCVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N\r\n\r\nCVE-2020-26147: Reassembling mixed encrypted/plaintext fragments\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 4.8\r\nCVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", "title": "Details" }, { "category": "general", "text": "There are no workarounds that address these vulnerabilities.", "title": "Workarounds" }, { "category": "general", "text": "For information about fixed software releases [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], consult the Cisco bugs identified in the Vulnerable Products [\"#vp\"] section of this advisory.\r\n\r\nWhen considering software upgrades [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page [\"https://www.cisco.com/go/psirt\"], to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.", "title": "Fixed Software" }, { "category": "general", "text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.", "title": "Vulnerability Policy" }, { "category": "general", "text": "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerabilities that are described in this advisory.", "title": "Exploitation and Public Announcements" }, { "category": "general", "text": "These vulnerabilities were reported to Cisco by Dr. Mathy Vanhoef of New York University Abu Dhabi. Cisco would like to thank Dr. Vanhoef for his continued help and support during the handling of these vulnerabilities.", "title": "Source" }, { "category": "legal_disclaimer", "text": "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.", "title": "Legal Disclaimer" } ], "publisher": { "category": "vendor", "contact_details": "Emergency Support:\r\n+1 877 228 7302 (toll-free within North America)\r\n+1 408 525 6532 (International direct-dial)\r\nNon-emergency Support:\r\nEmail: psirt@cisco.com\r\nSupport requests that are received via e-mail are typically acknowledged within 48 hours.", "issuing_authority": "Cisco product security incident response is the responsibility of the Cisco Product Security Incident Response Team (PSIRT). The Cisco PSIRT is a dedicated, global team that manages the receipt, investigation, and public reporting of security vulnerability information that is related to Cisco products and networks. The on-call Cisco PSIRT works 24x7 with Cisco customers, independent security researchers, consultants, industry organizations, and other vendors to identify possible security issues with Cisco products and networks.\r\nMore information can be found in Cisco Security Vulnerability Policy available at https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html", "name": "Cisco", "namespace": "https://wwww.cisco.com" }, "references": [ { "category": "self", "summary": "Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu" }, { "category": "external", "summary": "Cisco Security Vulnerability Policy", "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html" }, { "category": "external", "summary": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu" }, { "category": "external", "summary": "Fixed Release Availability", "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes" }, { "category": "external", "summary": "CSCvy32690", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32690" }, { "category": "external", "summary": "CSCvy32690", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32690" }, { "category": "external", "summary": "CSCvy32690", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32690" }, { "category": "external", "summary": "CSCvx24420", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420" }, { "category": "external", "summary": "CSCvx24420", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420" }, { "category": "external", "summary": "CSCvx24420", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420" }, { "category": "external", "summary": "CSCvx24420", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420" }, { "category": "external", "summary": "CSCvx24420", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420" }, { "category": "external", "summary": "CSCvy32680", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32680" }, { "category": "external", "summary": "CSCvy32680", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32680" }, { "category": "external", "summary": "CSCvx24449", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24449" }, { "category": "external", "summary": "CSCvx24449", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24449" }, { "category": "external", "summary": "CSCvy36698", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy36698" }, { "category": "external", "summary": "CSCvy36698", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy36698" }, { "category": "external", "summary": "CSCvy36698", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy36698" }, { "category": "external", "summary": "CSCvy36698", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy36698" }, { "category": "external", "summary": "CSCvx24425", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24425" }, { "category": "external", "summary": "CSCvx24425", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24425" }, { "category": "external", "summary": "CSCvx24425", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24425" }, { "category": "external", "summary": "CSCvx24439", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439" }, { "category": "external", "summary": "CSCvx24439", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439" }, { "category": "external", "summary": "CSCvx24439", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439" }, { "category": "external", "summary": "CSCvx24439", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439" }, { "category": "external", "summary": "CSCvx24439", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439" }, { "category": "external", "summary": "CSCvx24439", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439" }, { "category": "external", "summary": "CSCvx24439", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439" }, { "category": "external", "summary": "CSCvx24428", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428" }, { "category": "external", "summary": "CSCvx24452", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452" }, { "category": "external", "summary": "CSCvx24456", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456" }, { "category": "external", "summary": "CSCvx24428", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428" }, { "category": "external", "summary": "CSCvx24452", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452" }, { "category": "external", "summary": "CSCvx24456", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456" }, { "category": "external", "summary": "CSCvx24428", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428" }, { "category": "external", "summary": "CSCvx24452", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452" }, { "category": "external", "summary": "CSCvx24456", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456" }, { "category": "external", "summary": "CSCvx24428", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428" }, { "category": "external", "summary": "CSCvx24452", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452" }, { "category": "external", "summary": "CSCvx24456", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456" }, { "category": "external", "summary": "CSCvx24428", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428" }, { "category": "external", "summary": "CSCvx24452", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452" }, { "category": "external", "summary": "CSCvx24456", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456" }, { "category": "external", "summary": "CSCvx24428", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428" }, { "category": "external", "summary": "CSCvx24452", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452" }, { "category": "external", "summary": "CSCvx24456", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456" }, { "category": "external", "summary": "CSCvx24428", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428" }, { "category": "external", "summary": "CSCvx24452", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452" }, { "category": "external", "summary": "CSCvx24456", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456" }, { "category": "external", "summary": "CSCvx60997", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997" }, { "category": "external", "summary": "CSCvx60997", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997" }, { "category": "external", "summary": "CSCvx60997", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997" }, { "category": "external", "summary": "CSCvx60997", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997" }, { "category": "external", "summary": "CSCvx60997", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997" }, { "category": "external", "summary": "CSCvx60997", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997" }, { "category": "external", "summary": "CSCvx60997", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997" }, { "category": "external", "summary": "CSCvx60997", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997" }, { "category": "external", "summary": "CSCvx60997", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997" }, { "category": "external", "summary": "CSCvx60997", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997" }, { "category": "external", "summary": "CSCvx60997", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997" }, { "category": "external", "summary": "CSCvx60997", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997" }, { "category": "external", "summary": "CSCvx61001", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001" }, { "category": "external", "summary": "CSCvx61001", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001" }, { "category": "external", "summary": "CSCvx61001", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001" }, { "category": "external", "summary": "CSCvx61001", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001" }, { "category": "external", "summary": "CSCvx61001", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001" }, { "category": "external", "summary": "CSCvx61001", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001" }, { "category": "external", "summary": "CSCvx61001", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001" }, { "category": "external", "summary": "CSCvx61001", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001" }, { "category": "external", "summary": "CSCvx61001", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001" }, { "category": "external", "summary": "CSCvx61001", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001" }, { "category": "external", "summary": "CSCvx61001", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001" }, { "category": "external", "summary": "CSCvx61001", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001" }, { "category": "external", "summary": "CSCvx61012", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012" }, { "category": "external", "summary": "CSCvx61012", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012" }, { "category": "external", "summary": "CSCvx61012", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012" }, { "category": "external", "summary": "CSCvx61012", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012" }, { "category": "external", "summary": "CSCvx61012", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012" }, { "category": "external", "summary": "CSCvx61012", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012" }, { "category": "external", "summary": "CSCvx61012", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012" }, { "category": "external", "summary": "CSCvx61012", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012" }, { "category": "external", "summary": "CSCvx61012", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012" }, { "category": "external", "summary": "CSCvx61012", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012" }, { "category": "external", "summary": "CSCvx61012", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012" }, { "category": "external", "summary": "CSCvx61012", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012" }, { "category": "external", "summary": "CSCvx89821", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821" }, { "category": "external", "summary": "CSCvx89821", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821" }, { "category": "external", "summary": "CSCvx89821", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821" }, { "category": "external", "summary": "CSCvx89821", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821" }, { "category": "external", "summary": "CSCvx89821", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821" }, { "category": "external", "summary": "CSCvx89821", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821" }, { "category": "external", "summary": "CSCvx89821", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821" }, { "category": "external", "summary": "CSCvx89821", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821" }, { "category": "external", "summary": "CSCvx89821", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821" }, { "category": "external", "summary": "CSCvx89821", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821" }, { "category": "external", "summary": "CSCvx89821", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821" }, { "category": "external", "summary": "CSCvx89821", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821" }, { "category": "external", "summary": "CSCvx61020", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020" }, { "category": "external", "summary": "CSCvx61020", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020" }, { "category": "external", "summary": "CSCvx61020", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020" }, { "category": "external", "summary": "CSCvx61020", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020" }, { "category": "external", "summary": "CSCvx61020", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020" }, { "category": "external", "summary": "CSCvx61020", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020" }, { "category": "external", "summary": "CSCvx61020", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020" }, { "category": "external", "summary": "CSCvx61020", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020" }, { "category": "external", "summary": "CSCvx61020", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020" }, { "category": "external", "summary": "CSCvx61020", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020" }, { "category": "external", "summary": "CSCvx61020", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020" }, { "category": "external", "summary": "CSCvx61020", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020" }, { "category": "external", "summary": "CSCvx62886", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886" }, { "category": "external", "summary": "CSCvx62886", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886" }, { "category": "external", "summary": "CSCvx62886", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886" }, { "category": "external", "summary": "CSCvx62886", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886" }, { "category": "external", "summary": "CSCvx62886", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886" }, { "category": "external", "summary": "CSCvx62886", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886" }, { "category": "external", "summary": "CSCvx62886", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886" }, { "category": "external", "summary": "CSCvx62886", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886" }, { "category": "external", "summary": "CSCvx62886", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886" }, { "category": "external", "summary": "CSCvx62886", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886" }, { "category": "external", "summary": "CSCvx62886", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886" }, { "category": "external", "summary": "CSCvx62886", "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886" }, { "category": "external", "summary": "Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation", "url": "https://papers.mathyvanhoef.com/usenix2021.pdf" }, { "category": "external", "summary": "FragAttacks", "url": "https://fragattacks.com/" }, { "category": "external", "summary": "fixed software releases", "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes" }, { "category": "external", "summary": "considering software upgrades", "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes" }, { "category": "external", "summary": "Cisco\u0026nbsp;Security Advisories page", "url": "https://www.cisco.com/go/psirt" }, { "category": "external", "summary": "Security Vulnerability Policy", "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html" } ], "title": "Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021", "tracking": { "current_release_date": "2021-12-15T15:47:26+00:00", "generator": { "date": "2022-09-03T03:38:26+00:00", "engine": { "name": "TVCE" } }, "id": "cisco-sa-wifi-faf-22epcEWu", "initial_release_date": "2021-05-11T18:00:00+00:00", "revision_history": [ { "date": "2021-05-10T16:33:53+00:00", "number": "1.0.0", "summary": "Initial public release." }, { "date": "2021-05-11T21:59:40+00:00", "number": "1.1.0", "summary": "Updated affected Meraki MR products." }, { "date": "2021-05-14T20:43:24+00:00", "number": "1.2.0", "summary": "Added additional affected products." }, { "date": "2021-05-17T17:42:47+00:00", "number": "1.3.0", "summary": "Added additional affected products." }, { "date": "2021-05-19T20:50:42+00:00", "number": "1.4.0", "summary": "Added additional fixed releases." }, { "date": "2021-06-02T20:48:21+00:00", "number": "1.5.0", "summary": "Update affected products." }, { "date": "2021-07-13T18:42:53+00:00", "number": "1.6.0", "summary": "Added additional fixed releases for Meraki products." }, { "date": "2021-08-30T19:06:07+00:00", "number": "1.7.0", "summary": "Updated fixed release details for multiple products." }, { "date": "2021-10-05T14:54:59+00:00", "number": "1.8.0", "summary": "Updated fixed release details for Aironet 1532/AP803 products." }, { "date": "2021-12-15T15:47:26+00:00", "number": "1.9.0", "summary": "Updated fixed releases." } ], "status": "final", "version": "1.9.0" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_family", "name": "Cisco Aironet Access Point Software", "product": { "name": "Cisco Aironet Access Point Software ", "product_id": "CSAFPID-190024" } }, { "category": "product_family", "name": "Cisco IP Phones with Multiplatform Firmware", "product": { "name": "Cisco IP Phones with Multiplatform Firmware ", "product_id": "CSAFPID-277607" } }, { "category": "product_family", "name": "Cisco TelePresence Endpoint Software (TC/CE)", "product": { "name": "Cisco TelePresence Endpoint Software (TC/CE) ", "product_id": "CSAFPID-278404" } }, { "category": "product_family", "name": "Cisco Webex Room Phone", "product": { "name": "Cisco Webex Room Phone ", "product_id": "CSAFPID-278888" } }, { "category": "product_family", "name": "Cisco Business Wireless Access Point Software", "product": { "name": "Cisco Business Wireless Access Point Software ", "product_id": "CSAFPID-280012" } }, { "category": "product_family", "name": "Cisco Aironet Access Point Software (IOS XE Controller)", "product": { "name": "Cisco Aironet Access Point Software (IOS XE Controller) ", "product_id": "CSAFPID-280019" } } ], "category": "vendor", "name": "Cisco" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-26144", "ids": [ { "system_name": "Cisco Bug ID", "text": "CSCvx62884" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62876" }, { "system_name": "Cisco Bug ID", "text": "CSCvx89821" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62886" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24452" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24428" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24439" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24456" } ], "notes": [ { "category": "other", "text": "Complete.", "title": "Affected Product Comprehensiveness" } ], "product_status": { "known_affected": [ "CSAFPID-277607", "CSAFPID-278404", "CSAFPID-278888", "CSAFPID-280019", "CSAFPID-190024", "CSAFPID-280012" ] }, "remediations": [ { "category": "vendor_fix", "details": "Cisco has released software updates that address this vulnerability.", "product_ids": [ "CSAFPID-278404", "CSAFPID-190024", "CSAFPID-280012", "CSAFPID-278888", "CSAFPID-277607", "CSAFPID-280019" ], "url": "https://software.cisco.com" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-277607", "CSAFPID-278404", "CSAFPID-278888" ] } ], "title": "vuln-CVE-2020-26144" }, { "cve": "CVE-2020-26141", "ids": [ { "system_name": "Cisco Bug ID", "text": "CSCvx62884" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62876" }, { "system_name": "Cisco Bug ID", "text": "CSCvx89821" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62886" } ], "notes": [ { "category": "other", "text": "Complete.", "title": "Affected Product Comprehensiveness" } ], "product_status": { "known_affected": [ "CSAFPID-277607", "CSAFPID-278404", "CSAFPID-278888" ] }, "remediations": [ { "category": "vendor_fix", "details": "Cisco has released software updates that address this vulnerability.", "product_ids": [ "CSAFPID-278404", "CSAFPID-278888", "CSAFPID-277607" ], "url": "https://software.cisco.com" } ], "scores": [ { "cvss_v3": { "baseScore": 3.5, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "CSAFPID-277607", "CSAFPID-278404", "CSAFPID-278888" ] } ], "title": "vuln-CVE-2020-26141" }, { "cve": "CVE-2020-26146", "ids": [ { "system_name": "Cisco Bug ID", "text": "CSCvx24420" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24425" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24439" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24441" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24440" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24449" }, { "system_name": "Cisco Bug ID", "text": "CSCvy32694" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62884" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62876" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62886" }, { "system_name": "Cisco Bug ID", "text": "CSCvx89821" } ], "notes": [ { "category": "other", "text": "Complete.", "title": "Affected Product Comprehensiveness" } ], "product_status": { "known_affected": [ "CSAFPID-190024", "CSAFPID-277607", "CSAFPID-280012", "CSAFPID-278888", "CSAFPID-278404", "CSAFPID-280019" ] }, "remediations": [ { "category": "vendor_fix", "details": "Cisco has released software updates that address this vulnerability.", "product_ids": [ "CSAFPID-278404", "CSAFPID-190024", "CSAFPID-280012", "CSAFPID-278888", "CSAFPID-277607", "CSAFPID-280019" ], "url": "https://software.cisco.com" } ], "scores": [ { "cvss_v3": { "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-190024", "CSAFPID-277607", "CSAFPID-280012", "CSAFPID-278888", "CSAFPID-278404" ] } ], "title": "vuln-CVE-2020-26146" }, { "cve": "CVE-2020-26147", "ids": [ { "system_name": "Cisco Bug ID", "text": "CSCvx62884" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62876" }, { "system_name": "Cisco Bug ID", "text": "CSCvx89821" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62886" } ], "notes": [ { "category": "other", "text": "Complete.", "title": "Affected Product Comprehensiveness" } ], "product_status": { "known_affected": [ "CSAFPID-277607", "CSAFPID-278404", "CSAFPID-278888" ] }, "remediations": [ { "category": "vendor_fix", "details": "Cisco has released software updates that address this vulnerability.", "product_ids": [ "CSAFPID-278404", "CSAFPID-278888", "CSAFPID-277607" ], "url": "https://software.cisco.com" } ], "scores": [ { "cvss_v3": { "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-277607", "CSAFPID-278404", "CSAFPID-278888" ] } ], "title": "vuln-CVE-2020-26147" }, { "cve": "CVE-2020-26140", "ids": [ { "system_name": "Cisco Bug ID", "text": "CSCvx62884" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62876" }, { "system_name": "Cisco Bug ID", "text": "CSCvx89821" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62886" } ], "notes": [ { "category": "other", "text": "Complete.", "title": "Affected Product Comprehensiveness" } ], "product_status": { "known_affected": [ "CSAFPID-277607", "CSAFPID-278404", "CSAFPID-278888" ] }, "remediations": [ { "category": "vendor_fix", "details": "Cisco has released software updates that address this vulnerability.", "product_ids": [ "CSAFPID-278404", "CSAFPID-278888", "CSAFPID-277607" ], "url": "https://software.cisco.com" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-277607", "CSAFPID-278404", "CSAFPID-278888" ] } ], "title": "vuln-CVE-2020-26140" }, { "cve": "CVE-2020-26142", "ids": [ { "system_name": "Cisco Bug ID", "text": "CSCvx62884" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62876" }, { "system_name": "Cisco Bug ID", "text": "CSCvx89821" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62886" } ], "notes": [ { "category": "other", "text": "Complete.", "title": "Affected Product Comprehensiveness" } ], "product_status": { "known_affected": [ "CSAFPID-277607", "CSAFPID-278404", "CSAFPID-278888" ] }, "remediations": [ { "category": "vendor_fix", "details": "Cisco has released software updates that address this vulnerability.", "product_ids": [ "CSAFPID-278404", "CSAFPID-278888", "CSAFPID-277607" ], "url": "https://software.cisco.com" } ], "scores": [ { "cvss_v3": { "baseScore": 3.5, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "CSAFPID-277607", "CSAFPID-278404", "CSAFPID-278888" ] } ], "title": "vuln-CVE-2020-26142" }, { "cve": "CVE-2020-26143", "ids": [ { "system_name": "Cisco Bug ID", "text": "CSCvx62884" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62876" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62886" }, { "system_name": "Cisco Bug ID", "text": "CSCvx89821" } ], "notes": [ { "category": "other", "text": "Complete.", "title": "Affected Product Comprehensiveness" } ], "product_status": { "known_affected": [ "CSAFPID-277607", "CSAFPID-278888", "CSAFPID-278404" ] }, "remediations": [ { "category": "vendor_fix", "details": "Cisco has released software updates that address this vulnerability.", "product_ids": [ "CSAFPID-278404", "CSAFPID-278888", "CSAFPID-277607" ], "url": "https://software.cisco.com" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-277607", "CSAFPID-278888", "CSAFPID-278404" ] } ], "title": "vuln-CVE-2020-26143" }, { "cve": "CVE-2020-26145", "ids": [ { "system_name": "Cisco Bug ID", "text": "CSCvx62884" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62876" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62886" }, { "system_name": "Cisco Bug ID", "text": "CSCvx89821" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24420" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24428" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24439" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24456" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24452" } ], "notes": [ { "category": "other", "text": "Complete.", "title": "Affected Product Comprehensiveness" } ], "product_status": { "known_affected": [ "CSAFPID-277607", "CSAFPID-278888", "CSAFPID-278404", "CSAFPID-190024", "CSAFPID-280012", "CSAFPID-280019" ] }, "remediations": [ { "category": "vendor_fix", "details": "Cisco has released software updates that address this vulnerability.", "product_ids": [ "CSAFPID-278404", "CSAFPID-190024", "CSAFPID-280012", "CSAFPID-278888", "CSAFPID-277607", "CSAFPID-280019" ], "url": "https://software.cisco.com" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-277607", "CSAFPID-278888", "CSAFPID-278404" ] } ], "title": "vuln-CVE-2020-26145" }, { "cve": "CVE-2020-26139", "ids": [ { "system_name": "Cisco Bug ID", "text": "CSCvx62884" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62876" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62886" }, { "system_name": "Cisco Bug ID", "text": "CSCvx89821" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24420" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24428" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24439" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24456" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24452" } ], "notes": [ { "category": "other", "text": "Complete.", "title": "Affected Product Comprehensiveness" } ], "product_status": { "known_affected": [ "CSAFPID-277607", "CSAFPID-278888", "CSAFPID-278404", "CSAFPID-190024", "CSAFPID-280012", "CSAFPID-280019" ] }, "remediations": [ { "category": "vendor_fix", "details": "Cisco has released software updates that address this vulnerability.", "product_ids": [ "CSAFPID-278404", "CSAFPID-190024", "CSAFPID-280012", "CSAFPID-278888", "CSAFPID-277607", "CSAFPID-280019" ], "url": "https://software.cisco.com" } ], "scores": [ { "cvss_v3": { "baseScore": 3.5, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "CSAFPID-277607", "CSAFPID-278888", "CSAFPID-278404" ] } ], "title": "vuln-CVE-2020-26139" }, { "cve": "CVE-2020-24587", "ids": [ { "system_name": "Cisco Bug ID", "text": "CSCvx62884" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62876" }, { "system_name": "Cisco Bug ID", "text": "CSCvx89821" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62886" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24420" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24428" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24425" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24439" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24456" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24449" }, { "system_name": "Cisco Bug ID", "text": "CSCvy32680" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24452" } ], "notes": [ { "category": "other", "text": "Complete.", "title": "Affected Product Comprehensiveness" } ], "product_status": { "known_affected": [ "CSAFPID-277607", "CSAFPID-278404", "CSAFPID-278888", "CSAFPID-280012", "CSAFPID-190024", "CSAFPID-280019" ] }, "remediations": [ { "category": "vendor_fix", "details": "Cisco has released software updates that address this vulnerability.", "product_ids": [ "CSAFPID-278404", "CSAFPID-190024", "CSAFPID-280012", "CSAFPID-278888", "CSAFPID-277607", "CSAFPID-280019" ], "url": "https://software.cisco.com" } ], "scores": [ { "cvss_v3": { "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-277607", "CSAFPID-278404", "CSAFPID-278888" ] } ], "title": "vuln-CVE-2020-24587" }, { "cve": "CVE-2020-24586", "ids": [ { "system_name": "Cisco Bug ID", "text": "CSCvx24428" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24425" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24439" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24441" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24456" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24449" }, { "system_name": "Cisco Bug ID", "text": "CSCvy32680" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24452" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62884" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62876" }, { "system_name": "Cisco Bug ID", "text": "CSCvx60997" }, { "system_name": "Cisco Bug ID", "text": "CSCvx61001" }, { "system_name": "Cisco Bug ID", "text": "CSCvx61012" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62886" }, { "system_name": "Cisco Bug ID", "text": "CSCvx61020" }, { "system_name": "Cisco Bug ID", "text": "CSCvx89821" } ], "notes": [ { "category": "other", "text": "Complete.", "title": "Affected Product Comprehensiveness" } ], "product_status": { "known_affected": [ "CSAFPID-280012", "CSAFPID-190024", "CSAFPID-277607", "CSAFPID-278404", "CSAFPID-278888", "CSAFPID-280019" ] }, "remediations": [ { "category": "vendor_fix", "details": "Cisco has released software updates that address this vulnerability.", "product_ids": [ "CSAFPID-278404", "CSAFPID-190024", "CSAFPID-280012", "CSAFPID-278888", "CSAFPID-277607", "CSAFPID-280019" ], "url": "https://software.cisco.com" } ], "scores": [ { "cvss_v3": { "baseScore": 5.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-280012", "CSAFPID-190024", "CSAFPID-277607", "CSAFPID-278404", "CSAFPID-278888" ] } ], "title": "vuln-CVE-2020-24586" }, { "cve": "CVE-2020-24588", "ids": [ { "system_name": "Cisco Bug ID", "text": "CSCvx24420" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24428" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24425" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24423" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24439" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24456" }, { "system_name": "Cisco Bug ID", "text": "CSCvx24452" }, { "system_name": "Cisco Bug ID", "text": "CSCvy32690" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62884" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62876" }, { "system_name": "Cisco Bug ID", "text": "CSCvx89821" }, { "system_name": "Cisco Bug ID", "text": "CSCvx62886" } ], "notes": [ { "category": "other", "text": "Complete.", "title": "Affected Product Comprehensiveness" } ], "product_status": { "known_affected": [ "CSAFPID-190024", "CSAFPID-280012", "CSAFPID-277607", "CSAFPID-278404", "CSAFPID-278888", "CSAFPID-280019" ] }, "remediations": [ { "category": "vendor_fix", "details": "Cisco has released software updates that address this vulnerability.", "product_ids": [ "CSAFPID-278404", "CSAFPID-190024", "CSAFPID-280012", "CSAFPID-278888", "CSAFPID-277607", "CSAFPID-280019" ], "url": "https://software.cisco.com" } ], "scores": [ { "cvss_v3": { "baseScore": 5.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-190024", "CSAFPID-280012", "CSAFPID-277607", "CSAFPID-278404", "CSAFPID-278888" ] } ], "title": "vuln-CVE-2020-24588" } ] }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.