CVE-2024-20271 — Improper Input Validation in Cisco Business Access Points

CWE-20 — Improper Input Validation4 documents4 sources

Severity

8.6HIGHNVD

EPSS

0.3%

top 45.08%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Business Access Points Cisco IOS XE Cisco Wireless LAN Controller Software +2 more

Timeline

PublishedMar 27

Description

A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of certain IPv4 packets. An attacker could exploit this vulnerability by sending a crafted IPv4 packet either to or through an affected device. A successful exploit could allow the attacker to cause an affected device to reload unexpectedly, res…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 3.9 | Impact: 4.0

Affected Packages5 packages

▶CVEListV5cisco/cisco_aironet_access_point_software156 versions+155

▶CVEListV5cisco/cisco_business_wireless_access_point_software79 versions+78

▶NVDcisco/business_access_points< 10.9.1.0+1

▶NVDcisco/wireless_lan_controller_software< 8.10.190.0

▶NVDcisco/ios_xe17.4 — 17.6.6+3

🔴Vulnerability Details

GHSA

GHSA-ff9x-f52m-hw5m: A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of s↗2024-03-27

▶

CVEList

CVE-2024-20271: A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of s↗2024-03-27

▶

📋Vendor Advisories

Cisco

Cisco Access Point Software Denial of Service Vulnerability↗2024-03-27

▶