Lucene search

CiscoCVE-2020-3399

HistorySep 24, 2020 - 6:15 p.m.

CVE-2020-3399

2020-09-2418:15:17

CWE-126

CWE-125

cisco

web.nvd.nist.gov

cve-2020-3399

capwap protocol

cisco

ios xe software

wireless controllers

dos

nvd

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score

8.5

Confidence

High

EPSS

0.002

Percentile

52.7%

JSON

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of an affected device. The vulnerability is due to insufficient input validation during CAPWAP packet processing. An attacker could exploit this vulnerability by sending a crafted CAPWAP packet to an affected device, resulting in a buffer over-read. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.

Affected configurations

Nvd

Node

ciscoios_xeMatch16.12

ciscoios_xeMatch16.12.1s

ciscoios_xeMatch16.12.2

AND

ciscocatalyst_9800-40Match-

ciscocatalyst_9800-80Match-

ciscocatalyst_9800-clMatch-

ciscocatalyst_9800-lMatch-

ciscocatalyst_9800-l-cMatch-

ciscocatalyst_9800-l-fMatch-

VendorProductVersionCPE
ciscoios_xe16.12cpe:2.3:o:cisco:ios_xe:16.12:*:*:*:*:*:*:*
ciscoios_xe16.12.1scpe:2.3:o:cisco:ios_xe:16.12.1s:*:*:*:*:*:*:*
ciscoios_xe16.12.2cpe:2.3:o:cisco:ios_xe:16.12.2:*:*:*:*:*:*:*
ciscocatalyst_9800-40-cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*
ciscocatalyst_9800-80-cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*
ciscocatalyst_9800-cl-cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*
ciscocatalyst_9800-l-cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*
ciscocatalyst_9800-l-c-cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*
ciscocatalyst_9800-l-f-cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios_xe	16.12	cpe:2.3:o:cisco:ios_xe:16.12:::::::*
cisco	ios_xe	16.12.1s	cpe:2.3:o:cisco:ios_xe:16.12.1s:::::::*
cisco	ios_xe	16.12.2	cpe:2.3:o:cisco:ios_xe:16.12.2:::::::*
cisco	catalyst_9800-40	-	cpe:2.3:h:cisco:catalyst_9800-40:-:::::::*
cisco	catalyst_9800-80	-	cpe:2.3:h:cisco:catalyst_9800-80:-:::::::*
cisco	catalyst_9800-cl	-	cpe:2.3:h:cisco:catalyst_9800-cl:-:::::::*
cisco	catalyst_9800-l	-	cpe:2.3:h:cisco:catalyst_9800-l:-:::::::*
cisco	catalyst_9800-l-c	-	cpe:2.3:h:cisco:catalyst_9800-l-c:-:::::::*
cisco	catalyst_9800-l-f	-	cpe:2.3:h:cisco:catalyst_9800-l-f:-:::::::*

CNA Affected

[
  {
    "product": "Cisco IOS XE Software",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capwap-dos-ShFzXf

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score

8.5

Confidence

High

EPSS

0.002

Percentile

52.7%

JSON

Related for CVE-2020-3399