CVE-2020-3260 — Uncontrolled Resource Consumption in Cisco Aironet Access Point Software

CWE-399 CWE-400 — Uncontrolled Resource Consumption4 documents4 sources

Severity

6.5MEDIUMNVD

EPSS

0.3%

top 45.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Aironet Access Point Software Cisco Aironet 1542d Firmware Cisco Aironet 1542i Firmware +4 more

Timeline

PublishedApr 15

Latest updateMay 24

Description

A vulnerability in Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper processing of client packets that are sent to an affected access point (AP). An attacker could exploit this vulnerability by sending a large number of sustained client packets to the affected AP. A successful exploit could allow the attacker to cause the affected AP to crash, r…

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages7 packages

▶CVEListV5cisco/cisco_aironet_access_point_softwaren/a

▶NVDcisco/aironet_1815_firmware8.9\(100.0\)

▶NVDcisco/aironet_1830_firmware8.9\(100.0\)

▶NVDcisco/aironet_1840_firmware8.9\(100.0\)

▶NVDcisco/aironet_1850_firmware8.9\(100.0\)

🔴Vulnerability Details

GHSA

GHSA-mqfc-mw2x-x89c: A vulnerability in Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) co↗2022-05-24

▶

CVEList

Cisco Aironet Series Access Points Client Packet Processing Denial of Service Vulnerability↗2020-04-15

▶

📋Vendor Advisories

Cisco

Cisco Aironet Series Access Points Client Packet Processing Denial of Service Vulnerability↗2020-04-15

▶