CVE-2020-3560

Published Sep 24, 2020

Last updated 4 years ago

CVSS high 8.6

Overview

Description: A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention.
Source: ykramarz@cisco.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.6
Impact score: 4
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Severity: HIGH

CVSS 3.0

Type: Secondary
Base score: 8.6
Impact score: 4
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-400
ykramarz@cisco.com: CWE-400

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:wireless_lan_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3FAC3262-0899-4F22-8EE7-27F35FB7276D",
            "versionEndExcluding": "8.10.112.0",
            "versionStartIncluding": "8.9"
          },
          {
            "criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E903427-F63E-4E51-AC2D-96A707261DEE",
            "versionEndExcluding": "8.5.161.0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5E7FBB2-4D72-47E2-84A2-AF8FE3CCE876",
            "versionEndExcluding": "8.8.130.0",
            "versionStartIncluding": "8.6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:1111-4pwe:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7262ADAB-296F-4DC2-9CD7-A86D7F6441C8"
          },
          {
            "criteria": "cpe:2.3:h:cisco:1111-8plteeawb:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "929A06B1-38F1-42F4-B179-D42B04506AFC"
          },
          {
            "criteria": "cpe:2.3:h:cisco:1111-8pwb:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E3056B31-1977-4472-BC74-19A5B8B5EC44"
          },
          {
            "criteria": "cpe:2.3:h:cisco:1113-8plteeawe:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9261A638-E2E4-4EF0-84E9-A585BF763263"
          },
          {
            "criteria": "cpe:2.3:h:cisco:1113-8pmwe:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8C85463D-0B37-4746-B7EA-80F3096305E7"
          },
          {
            "criteria": "cpe:2.3:h:cisco:1113-8pwe:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "58C04E5B-AC03-440F-9007-0D6761B41F68"
          },
          {
            "criteria": "cpe:2.3:h:cisco:1116-4plteeawe:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "29A5E963-2987-4927-862A-6375624FC876"
          },
          {
            "criteria": "cpe:2.3:h:cisco:1116-4pwe:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3601499F-AD3B-47EA-816A-A01379CA1A33"
          },
          {
            "criteria": "cpe:2.3:h:cisco:1117-4plteeawe:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "303129EF-9107-4B39-8683-1BD917B3E68D"
          },
          {
            "criteria": "cpe:2.3:h:cisco:1117-4pmlteeawe:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "76B2B271-555B-4439-95D8-086E516F1169"
          },
          {
            "criteria": "cpe:2.3:h:cisco:1117-4pmwe:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6CB321CD-9096-4F75-AD2F-4EAE1CA75D76"
          },
          {
            "criteria": "cpe:2.3:h:cisco:1117-4pwe:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "98F31C77-0303-4FD9-B968-6B430202C6AD"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C5DB7510-2741-464A-8FC9-8419985E330F"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3AE916B2-CAAD-4508-A47E-A7D4D88B077A"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1D717945-EE41-4D0F-86EF-90826EBE9C3E"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "99EAEA92-6589-4DFB-BC4B-8CBA425452D9"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D27AB201-342D-4517-9E05-6088598F4695"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F8BF9DDB-884D-47B5-A295-8BFA5207C412"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1830e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4590D445-B4B6-48E6-BF55-BEA6BA763410"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1830i:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "848CC5CD-1982-4F31-A626-BD567E1C19F0"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "24E47788-9B54-42C5-AD83-428B22674575"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A333CD0B-4729-4E64-8B52-A3F5138F5B70"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "098A82FF-95F7-416A-BADD-C57CE81ACD32"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DD1D5813-9223-4B3F-9DE2-F3EF854FC927"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "10D7583E-2B61-40F1-B9A6-701DA08F8CDF"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "945DDBE7-6233-416B-9BEE-7029F047E298"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0ED89428-750C-4C26-B2A1-E3D63F8B3F44"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215"
          },
          {
            "criteria": "cpe:2.3:h:cisco:business_140ac:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6331ADD0-9438-4095-84D4-4434C4782C60"
          },
          {
            "criteria": "cpe:2.3:h:cisco:business_145ac:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "19202724-5BEB-487C-98EA-F3B6924C52CD"
          },
          {
            "criteria": "cpe:2.3:h:cisco:business_240ac:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "07135C18-DDB4-41F3-971F-A4FC38C99E26"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5F3CCCFE-88CC-4F7B-8958-79CA62516EA9"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4081C532-3B10-4FBF-BB22-5BA17BC6FCF8"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6FCE2220-E2E6-4A17-9F0A-2C927FAB4AA5"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A47C2D6F-8F90-4D74-AFE1-EAE954021F46"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70"
          },
          {
            "criteria": "cpe:2.3:h:cisco:esw-6300-con-x-k9:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ED3625BC-9003-4E07-B4EA-EB44CADDD6B4"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:business_access_points:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "78149144-CCF5-4C71-B22D-45261C4ACABC",
            "versionEndExcluding": "10.1.1.0",
            "versionStartIncluding": "10.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:access_points:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70B4ABE1-4F2F-478A-AA0E-8F293105FEBE",
            "versionEndExcluding": "16.12.4a"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.5\\(154.27\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F7E9751-8192-4418-89BE-58D83E1BC2F2"
          },
          {
            "criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.8\\(125.0\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CBF1E5E-E88B-46EA-AF9A-A52B9CF84273"
          },
          {
            "criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.10\\(105.0\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C522D2E-422A-47E9-884B-708E4F4BF203"
          },
          {
            "criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.10\\(105.4\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50089912-8D92-4A0F-83C6-2C9BB3B7CF61"
          },
          {
            "criteria": "cpe:2.3:a:cisco:aironet_access_point_software:17.1.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A94467F-9120-4165-832C-292F343AD65A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:aironet_access_point_software:17.1.2.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9301B023-A2C5-4DAD-9A05-FDE751AF3C41"
          },
          {
            "criteria": "cpe:2.3:a:cisco:aironet_access_point_software:17.2.0.37:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E600825D-4984-488E-BF44-89816CAB6869"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "24E47788-9B54-42C5-AD83-428B22674575"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A333CD0B-4729-4E64-8B52-A3F5138F5B70"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References