CVE-2020-3399Buffer Over-read in Cisco IOS XE Software

CWE-126Buffer Over-readCWE-125Out-of-bounds Read4 documents4 sources
Severity
8.6HIGHNVD
EPSS
0.6%
top 31.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco IOS XE SoftwareCisco IOS XE
Timeline
PublishedSep 24
Latest updateMay 24

Description

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of an affected device. The vulnerability is due to insufficient input validation during CAPWAP packet processing. An attacker could exploit this vulnerability by sending a crafted CAPWAP packet to an affected device, resulting

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 3.9 | Impact: 4.0

Affected Packages2 packages

NVDcisco/ios_xe16.12, 16.12.1s, 16.12.2+2

🔴Vulnerability Details

2
GHSA
GHSA-v379-w98r-25cr: A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9802022-05-24
CVEList
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerability2020-09-24

📋Vendor Advisories

1
Cisco
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerability2020-09-24
CVE-2020-3399 — Buffer Over-read in Cisco | cvebase