CVE Vulnerability

CVE-2020-3560

A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention.

7.8 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 6.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

Scope

8.6 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

References
Link Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-VHr2zG9y Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:cisco:business_access_points:*:*:*:*:*:*:*:*
Information

Published : 2020-09-24 06:15

Updated : 2021-04-16 03:01

NVD link : CVE-2020-3560

Mitre link : CVE-2020-3560

Products Affected

Aironet 4800

Cisco

CWE
CWE-400