A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device.
References
| Link | Resource |
|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ethport-dos-xtjTt8pY | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
History
No history.
Information
Published : 2020-09-24 18:15
Updated : 2024-02-04 21:23
NVD link : CVE-2020-3552
Mitre link : CVE-2020-3552
CVE.ORG link : CVE-2020-3552
JSON object : View
Products Affected
cisco
- access_points
- catalyst_9800-40
- catalyst_9800-cl
- wireless_lan_controller
- aironet_1830e
- aironet_1850i
- aironet_1810
- aironet_1562e
- aironet_1815
- aironet_3800e
- aironet_1830i
- aironet_2800e
- aironet_2800i
- aironet_1562i
- aironet_access_point_software
- aironet_1542i
- business_access_points
- aironet_4800
- aironet_1542d
- aironet_1840
- aironet_1850e
- catalyst_9800-80
- aironet_3800i
- catalyst_9800-l-c
- catalyst_9800-l
- aironet_1562d
- catalyst_9800-l-f
- aironet_3800p
CWE
CWE-476
NULL Pointer Dereference