cvelistv5 - cve-2024-20354

Source	URL	Tags
ykramarz@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-ap-dos-PPPtcVW

Vendor	Product
Cisco	Cisco Aironet Access Point Software
Cisco	Cisco Aironet Access Point Software (IOS XE Controller)

gsd-2024-20354

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to incomplete cleanup of resources when dropping certain malformed frames. An attacker could exploit this vulnerability by connecting as a wireless client to an affected AP and sending specific malformed frames over the wireless connection. A successful exploit could allow the attacker to cause degradation of service to other clients, which could potentially lead to a complete DoS condition.

Aliases

CVE-2024-20354

Aliases

CVE-2024-20354

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2024-20354",
    "id": "GSD-2024-20354"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-20354"
      ],
      "details": "A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device.\r\n\r This vulnerability is due to incomplete cleanup of resources when dropping certain malformed frames. An attacker could exploit this vulnerability by connecting as a wireless client to an affected AP and sending specific malformed frames over the wireless connection. A successful exploit could allow the attacker to cause degradation of service to other clients, which could potentially lead to a complete DoS condition.",
      "id": "GSD-2024-20354",
      "modified": "2023-12-13T01:21:42.953734Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2024-20354",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Cisco Aironet Access Point Software",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "N/A"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Cisco Aironet Access Point Software (IOS XE Controller)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "N/A"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Cisco"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device.\r\n\r This vulnerability is due to incomplete cleanup of resources when dropping certain malformed frames. An attacker could exploit this vulnerability by connecting as a wireless client to an affected AP and sending specific malformed frames over the wireless connection. A successful exploit could allow the attacker to cause degradation of service to other clients, which could potentially lead to a complete DoS condition."
          }
        ]
      },
      "exploit": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-460",
                "lang": "eng",
                "value": "Improper Cleanup on Thrown Exception"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-ap-dos-PPPtcVW",
            "refsource": "MISC",
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-ap-dos-PPPtcVW"
          }
        ]
      },
      "source": {
        "advisory": "cisco-sa-airo-ap-dos-PPPtcVW",
        "defects": [
          "CSCwh81027"
        ],
        "discovery": "EXTERNAL"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "descriptions": [
          {
            "lang": "en",
            "value": "A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device.\r\n\r This vulnerability is due to incomplete cleanup of resources when dropping certain malformed frames. An attacker could exploit this vulnerability by connecting as a wireless client to an affected AP and sending specific malformed frames over the wireless connection. A successful exploit could allow the attacker to cause degradation of service to other clients, which could potentially lead to a complete DoS condition."
          }
        ],
        "id": "CVE-2024-20354",
        "lastModified": "2024-03-27T17:48:21.140",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
                "version": "3.1"
              },
              "exploitabilityScore": 2.8,
              "impactScore": 1.4,
              "source": "ykramarz@cisco.com",
              "type": "Secondary"
            }
          ]
        },
        "published": "2024-03-27T17:15:53.660",
        "references": [
          {
            "source": "ykramarz@cisco.com",
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-ap-dos-PPPtcVW"
          }
        ],
        "sourceIdentifier": "ykramarz@cisco.com",
        "vulnStatus": "Awaiting Analysis",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-460"
              }
            ],
            "source": "ykramarz@cisco.com",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}

ghsa-55h4-826f-9gpq

Vulnerability from github

Published

2024-03-27 18:32

Modified

2024-03-27 18:32

Severity

4.7 (Medium) - CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Details

A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device.

This vulnerability is due to incomplete cleanup of resources when dropping certain malformed frames. An attacker could exploit this vulnerability by connecting as a wireless client to an affected AP and sending specific malformed frames over the wireless connection. A successful exploit could allow the attacker to cause degradation of service to other clients, which could potentially lead to a complete DoS condition.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-20354"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-460"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-27T17:15:53Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device.\n\n This vulnerability is due to incomplete cleanup of resources when dropping certain malformed frames. An attacker could exploit this vulnerability by connecting as a wireless client to an affected AP and sending specific malformed frames over the wireless connection. A successful exploit could allow the attacker to cause degradation of service to other clients, which could potentially lead to a complete DoS condition.",
  "id": "GHSA-55h4-826f-9gpq",
  "modified": "2024-03-27T18:32:38Z",
  "published": "2024-03-27T18:32:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20354"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-ap-dos-PPPtcVW"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

wid-sec-w-2024-0744

Vulnerability from csaf_certbund

Published

2024-03-27 23:00

Modified

2024-03-27 23:00

Summary

Cisco Aironet Access Point: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Aironet Access Point ist eine WLAN Access Point Produktreihe von Cisco Catalyst ist der Markenname für eine Vielzahl von Netzwerk-Switches die von Cisco Systems verkauft werden. Router sind Geräte aus dem Bereich Computernetzwerke, Telekommunikation und Internet, die mehrere Rechnernetze miteinander verbinden. Die Cisco Small Business Produktfamilie beinhaltet Netzwerk-, Kommunikations-, WLAN- und Sicherheitsprodukte, sowie Router und Switche.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in Cisco Aironet Access Point, Cisco Catalyst, Cisco Router und Cisco Small Business ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.

Betroffene Betriebssysteme

- CISCO Appliance

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Aironet Access Point ist eine WLAN Access Point Produktreihe von Cisco\r\nCatalyst ist der Markenname f\u00fcr eine Vielzahl von Netzwerk-Switches die von Cisco Systems verkauft werden.\r\n\r\nRouter sind Ger\u00e4te aus dem Bereich Computernetzwerke, Telekommunikation und Internet, die mehrere Rechnernetze miteinander verbinden.\r\nDie Cisco Small Business Produktfamilie beinhaltet Netzwerk-, Kommunikations-, WLAN- und Sicherheitsprodukte, sowie Router und Switche.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Cisco Aironet Access Point, Cisco Catalyst, Cisco Router und Cisco Small Business ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- CISCO Appliance",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0744 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0744.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0744 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0744"
      },
      {
        "category": "external",
        "summary": "Cisco Security Advisory vom 2024-03-27",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-ap-dos-PPPtcVW"
      },
      {
        "category": "external",
        "summary": "Cisco Security Advisory vom 2024-03-27",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-h9TGGX6W"
      },
      {
        "category": "external",
        "summary": "Cisco Security Advisory vom 2024-03-27",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-secureboot-bypass-zT5vJkSD"
      }
    ],
    "source_lang": "en-US",
    "title": "Cisco Aironet Access Point: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-03-27T23:00:00.000+00:00",
      "generator": {
        "date": "2024-03-28T12:07:30.693+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2024-0744",
      "initial_release_date": "2024-03-27T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-03-27T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Cisco Aironet Access Point",
            "product": {
              "name": "Cisco Aironet Access Point",
              "product_id": "T012215",
              "product_identification_helper": {
                "cpe": "cpe:/o:cisco:aironet_access_point_software:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Cisco Catalyst",
            "product": {
              "name": "Cisco Catalyst",
              "product_id": "T000491",
              "product_identification_helper": {
                "cpe": "cpe:/h:cisco:catalyst:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Cisco Router",
            "product": {
              "name": "Cisco Router",
              "product_id": "T003258",
              "product_identification_helper": {
                "cpe": "cpe:/h:cisco:router:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Cisco Small Business",
            "product": {
              "name": "Cisco Small Business",
              "product_id": "T006607",
              "product_identification_helper": {
                "cpe": "cpe:/h:cisco:small_business:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Cisco"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-20265",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Cisco Aironet Access Point, Cisco Catalyst und Cisco Small Business. Diese sind auf einen Fehler zur\u00fcckzuf\u00fchren, der es erm\u00f6glicht w\u00e4hrend des Boot Prozesses beliebige Befehle abzusetzen und dadurch das Secure Boot Feature zu umgehen. Ein authentisierter Angreifer mit physischem Zugriff kann diese Schwachstelle ausnutzen, um Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T003258",
          "T012215",
          "T006607",
          "T000491"
        ]
      },
      "release_date": "2024-03-27T23:00:00Z",
      "title": "CVE-2024-20265"
    },
    {
      "cve": "CVE-2024-20271",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Cisco Aironet Access Point, Cisco Catalyst, Cisco Router und Cisco Small Business. Diese Schwachstelle ist auf eine fehlerhafte Validierung von IPV4 zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T003258",
          "T012215",
          "T006607",
          "T000491"
        ]
      },
      "release_date": "2024-03-27T23:00:00Z",
      "title": "CVE-2024-20271"
    },
    {
      "cve": "CVE-2024-20354",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Cisco Aironet Access Point. Diese ist auf eine unzureichende Bereinigung von Ressourcen nach dem Droppen von fehlerhaften Paketen zur\u00fcckzuf\u00fchren. Ein anonymer Angreifer im angrenzenden Netzbereich kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T003258",
          "T012215",
          "T006607",
          "T000491"
        ]
      },
      "release_date": "2024-03-27T23:00:00Z",
      "title": "CVE-2024-20354"
    }
  ]
}

Action not permitted

cve-2024-20354

Vulnerability from cvelistv5

gsd-2024-20354

Vulnerability from gsd

ghsa-55h4-826f-9gpq

Vulnerability from github

wid-sec-w-2024-0744

Vulnerability from csaf_certbund

Tags