Lucene search

CiscoCVELIST:CVE-2024-20303

HistoryMar 27, 2024 - 5:00 p.m.

CVE-2024-20303

2024-03-2717:00:37

cisco

www.cve.org

cisco

ios xe

wlcs

mdns gateway

vulnerability

wireless lan controllers

dos

denial of service

cpu utilization

access points

7.4 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

9.0%

JSON

A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition.

This vulnerability is due to improper management of mDNS client entries. An attacker could exploit this vulnerability by connecting to the wireless network and sending a continuous stream of specific mDNS packets. A successful exploit could allow the attacker to cause the wireless controller to have high CPU utilization, which could lead to access points (APs) losing their connection to the controller and result in a DoS condition.

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco IOS XE Software",
    "versions": [
      {
        "version": "17.2.1",
        "status": "affected"
      },
      {
        "version": "17.2.1r",
        "status": "affected"
      },
      {
        "version": "17.2.1a",
        "status": "affected"
      },
      {
        "version": "17.2.1v",
        "status": "affected"
      },
      {
        "version": "17.2.2",
        "status": "affected"
      },
      {
        "version": "17.2.3",
        "status": "affected"
      },
      {
        "version": "17.3.1",
        "status": "affected"
      },
      {
        "version": "17.3.2",
        "status": "affected"
      },
      {
        "version": "17.3.3",
        "status": "affected"
      },
      {
        "version": "17.3.1a",
        "status": "affected"
      },
      {
        "version": "17.3.1w",
        "status": "affected"
      },
      {
        "version": "17.3.2a",
        "status": "affected"
      },
      {
        "version": "17.3.1x",
        "status": "affected"
      },
      {
        "version": "17.3.1z",
        "status": "affected"
      },
      {
        "version": "17.3.4",
        "status": "affected"
      },
      {
        "version": "17.3.5",
        "status": "affected"
      },
      {
        "version": "17.3.4a",
        "status": "affected"
      },
      {
        "version": "17.3.6",
        "status": "affected"
      },
      {
        "version": "17.3.4b",
        "status": "affected"
      },
      {
        "version": "17.3.4c",
        "status": "affected"
      },
      {
        "version": "17.3.5a",
        "status": "affected"
      },
      {
        "version": "17.3.5b",
        "status": "affected"
      },
      {
        "version": "17.3.7",
        "status": "affected"
      },
      {
        "version": "17.3.8",
        "status": "affected"
      },
      {
        "version": "17.3.8a",
        "status": "affected"
      },
      {
        "version": "17.4.1",
        "status": "affected"
      },
      {
        "version": "17.4.2",
        "status": "affected"
      },
      {
        "version": "17.4.1a",
        "status": "affected"
      },
      {
        "version": "17.4.1b",
        "status": "affected"
      },
      {
        "version": "17.4.2a",
        "status": "affected"
      },
      {
        "version": "17.5.1",
        "status": "affected"
      },
      {
        "version": "17.5.1a",
        "status": "affected"
      },
      {
        "version": "17.6.1",
        "status": "affected"
      },
      {
        "version": "17.6.2",
        "status": "affected"
      },
      {
        "version": "17.6.1w",
        "status": "affected"
      },
      {
        "version": "17.6.1a",
        "status": "affected"
      },
      {
        "version": "17.6.1x",
        "status": "affected"
      },
      {
        "version": "17.6.3",
        "status": "affected"
      },
      {
        "version": "17.6.1y",
        "status": "affected"
      },
      {
        "version": "17.6.1z",
        "status": "affected"
      },
      {
        "version": "17.6.3a",
        "status": "affected"
      },
      {
        "version": "17.6.4",
        "status": "affected"
      },
      {
        "version": "17.6.1z1",
        "status": "affected"
      },
      {
        "version": "17.6.5",
        "status": "affected"
      },
      {
        "version": "17.6.5a",
        "status": "affected"
      },
      {
        "version": "17.7.1",
        "status": "affected"
      },
      {
        "version": "17.7.1a",
        "status": "affected"
      },
      {
        "version": "17.7.1b",
        "status": "affected"
      },
      {
        "version": "17.7.2",
        "status": "affected"
      },
      {
        "version": "17.10.1",
        "status": "affected"
      },
      {
        "version": "17.10.1a",
        "status": "affected"
      },
      {
        "version": "17.10.1b",
        "status": "affected"
      },
      {
        "version": "17.8.1",
        "status": "affected"
      },
      {
        "version": "17.8.1a",
        "status": "affected"
      },
      {
        "version": "17.9.1",
        "status": "affected"
      },
      {
        "version": "17.9.1w",
        "status": "affected"
      },
      {
        "version": "17.9.2",
        "status": "affected"
      },
      {
        "version": "17.9.1a",
        "status": "affected"
      },
      {
        "version": "17.9.1x",
        "status": "affected"
      },
      {
        "version": "17.9.1y",
        "status": "affected"
      },
      {
        "version": "17.9.3",
        "status": "affected"
      },
      {
        "version": "17.9.2a",
        "status": "affected"
      },
      {
        "version": "17.9.1x1",
        "status": "affected"
      },
      {
        "version": "17.9.3a",
        "status": "affected"
      },
      {
        "version": "17.9.1y1",
        "status": "affected"
      },
      {
        "version": "17.11.1",
        "status": "affected"
      },
      {
        "version": "17.11.1a",
        "status": "affected"
      },
      {
        "version": "17.11.99SW",
        "status": "affected"
      }
    ]
  }
]

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-mdns-dos-4hv6pBGf

7.4 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

9.0%

JSON

Related for CVELIST:CVE-2024-20303