CVE-2020-3560

A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention.

CVSS v3 8.6 HIGH
CVSS v2.0 7.8 HIGH

8.6^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-VHr2zG9y	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:cisco:wireless_lan_controller::::::::
	cpe:2.3:o:cisco:wireless_lan_controller_software::::::::
	cpe:2.3:o:cisco:wireless_lan_controller_software::::::::

OR	cpe:2.3:h:cisco:1111-4pwe:-:::::::*
	cpe:2.3:h:cisco:1111-8plteeawb:-:::::::*
	cpe:2.3:h:cisco:1111-8pwb:-:::::::*
	cpe:2.3:h:cisco:1113-8plteeawe:-:::::::*
	cpe:2.3:h:cisco:1113-8pmwe:-:::::::*
	cpe:2.3:h:cisco:1113-8pwe:-:::::::*
	cpe:2.3:h:cisco:1116-4plteeawe:-:::::::*
	cpe:2.3:h:cisco:1116-4pwe:-:::::::*
	cpe:2.3:h:cisco:1117-4plteeawe:-:::::::*
	cpe:2.3:h:cisco:1117-4pmlteeawe:-:::::::*
	cpe:2.3:h:cisco:1117-4pmwe:-:::::::*
	cpe:2.3:h:cisco:1117-4pwe:-:::::::*
	cpe:2.3:h:cisco:aironet_1542d:-:::::::*
	cpe:2.3:h:cisco:aironet_1542i:-:::::::*
	cpe:2.3:h:cisco:aironet_1562d:-:::::::*
	cpe:2.3:h:cisco:aironet_1562e:-:::::::*
	cpe:2.3:h:cisco:aironet_1562i:-:::::::*
	cpe:2.3:h:cisco:aironet_1815:-:::::::*
	cpe:2.3:h:cisco:aironet_1830e:-:::::::*
	cpe:2.3:h:cisco:aironet_1830i:-:::::::*
	cpe:2.3:h:cisco:aironet_1850e:-:::::::*
	cpe:2.3:h:cisco:aironet_1850i:-:::::::*
	cpe:2.3:h:cisco:aironet_2800e:-:::::::*
	cpe:2.3:h:cisco:aironet_2800i:-:::::::*
	cpe:2.3:h:cisco:aironet_3800e:-:::::::*
	cpe:2.3:h:cisco:aironet_3800i:-:::::::*
	cpe:2.3:h:cisco:aironet_3800p:-:::::::*
	cpe:2.3:h:cisco:aironet_4800:-:::::::*
	cpe:2.3:h:cisco:business_140ac:-:::::::*
	cpe:2.3:h:cisco:business_145ac:-:::::::*
	cpe:2.3:h:cisco:business_240ac:-:::::::*
	cpe:2.3:h:cisco:catalyst_9105:-:::::::*
	cpe:2.3:h:cisco:catalyst_9115:-:::::::*
	cpe:2.3:h:cisco:catalyst_9117:-:::::::*
	cpe:2.3:h:cisco:catalyst_9120:-:::::::*
	cpe:2.3:h:cisco:catalyst_9130:-:::::::*
	cpe:2.3:h:cisco:catalyst_iw6300:-:::::::*
	cpe:2.3:h:cisco:esw-6300-con-x-k9:-:::::::*

Configuration 2 (hide)

cpe:2.3:a:cisco:business_access_points:*:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:cisco:access_points:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:catalyst_9800-40:-:::::::*
	cpe:2.3:h:cisco:catalyst_9800-80:-:::::::*
	cpe:2.3:h:cisco:catalyst_9800-cl:-:::::::*
	cpe:2.3:h:cisco:catalyst_9800-l:-:::::::*
	cpe:2.3:h:cisco:catalyst_9800-l-c:-:::::::*
	cpe:2.3:h:cisco:catalyst_9800-l-f:-:::::::*

Configuration 4 (hide)

AND

OR	cpe:2.3:a:cisco:aironet_access_point_software:8.5\(154.27\):::::::*
	cpe:2.3:a:cisco:aironet_access_point_software:8.8\(125.0\):::::::*
	cpe:2.3:a:cisco:aironet_access_point_software:8.10\(105.0\):::::::*
	cpe:2.3:a:cisco:aironet_access_point_software:8.10\(105.4\):::::::*
	cpe:2.3:a:cisco:aironet_access_point_software:17.1.2.6:::::::*
	cpe:2.3:a:cisco:aironet_access_point_software:17.1.2.9:::::::*
	cpe:2.3:a:cisco:aironet_access_point_software:17.2.0.37:::::::*

OR	cpe:2.3:h:cisco:aironet_1850e:-:::::::*
	cpe:2.3:h:cisco:aironet_1850i:-:::::::*

History

No history.

Information

Published : 2020-09-24 18:15

Updated : 2024-02-04 21:23

NVD link : CVE-2020-3560

Mitre link : CVE-2020-3560

CVE.ORG link : CVE-2020-3560

JSON object : View

Products Affected

cisco

1113-8plteeawe
access_points
catalyst_9800-40
1111-8pwb
1117-4pwe
1116-4pwe
catalyst_9800-cl
wireless_lan_controller
catalyst_9130
1117-4pmlteeawe
catalyst_9800-l-f
1117-4plteeawe
aironet_1830e
esw-6300-con-x-k9
aironet_1850i
catalyst_9120
catalyst_9117
business_140ac
wireless_lan_controller_software
aironet_1562e
aironet_1815
aironet_3800e
aironet_1830i
aironet_2800e
catalyst_9115
1116-4plteeawe
aironet_2800i
business_145ac
aironet_access_point_software
catalyst_iw6300
aironet_1542i
1117-4pmwe
1113-8pwe
business_access_points
aironet_4800
aironet_3800p
aironet_1542d
catalyst_9105
aironet_1850e
catalyst_9800-80
1113-8pmwe
aironet_3800i
catalyst_9800-l-c
catalyst_9800-l
aironet_1562d
1111-8plteeawb
business_240ac
1111-4pwe
aironet_1562i

CWE

CWE-400

Uncontrolled Resource Consumption

8.6 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

7.8 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

JSON object

Attach tags to CVE-2020-3560

8.6^/10

7.8^/10

Attach tags to `CVE-2020-3560`