CVE-2020-3560

CWE-400Uncontrolled Resource Consumption19 documents5 sources
Severity
8.6HIGH
EPSS
1.2%
top 21.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Cisco Access PointsCisco Business Access PointsCisco Wireless LAN Controller+3 more
Timeline
PublishedSep 24
Latest updateMay 24

Description

A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN co

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 3.9 | Impact: 4.0

Affected Packages6 packages

NVDcisco/access_points< 16.12.4a
NVDcisco/business_access_points10.010.1.1.0
NVDcisco/wireless_lan_controller8.98.10.112.0

🔴Vulnerability Details

2
GHSA
GHSA-8grp-f8hg-jmhh: A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected2022-05-24
CVEList
Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability2020-09-24

📋Vendor Advisories

1
Cisco
Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability2020-09-24

💬Community

15
Bugzilla
CVE-2020-6556 chromium-browser: Heap buffer overflow in SwiftShader2020-08-19
Bugzilla
CVE-2020-6542 chromium-browser: Use after free in ANGLE2020-08-11
Bugzilla
CVE-2020-6547 chromium-browser: Incorrect security UI in media2020-08-11
Bugzilla
CVE-2020-6546 chromium-browser: Inappropriate implementation in installer2020-08-11
Bugzilla
CVE-2020-6544 chromium-browser: Use after free in media2020-08-11
CVE-2020-3560 (HIGH CVSS 8.6) | A vulnerability in Cisco Aironet Ac | cvebase.io