Lucene search

[email protected]NVD:CVE-2020-3399

HistorySep 24, 2020 - 6:15 p.m.

CVE-2020-3399

2020-09-2418:15:17

CWE-125

CWE-126

[email protected]

web.nvd.nist.gov

cisco

wireless controllers

dos

vulnerability

input validation

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.002

Percentile

52.7%

JSON

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of an affected device. The vulnerability is due to insufficient input validation during CAPWAP packet processing. An attacker could exploit this vulnerability by sending a crafted CAPWAP packet to an affected device, resulting in a buffer over-read. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.

Affected configurations

Nvd

Node

ciscoios_xeMatch16.12

ciscoios_xeMatch16.12.1s

ciscoios_xeMatch16.12.2

AND

ciscocatalyst_9800-40Match-

ciscocatalyst_9800-80Match-

ciscocatalyst_9800-clMatch-

ciscocatalyst_9800-lMatch-

ciscocatalyst_9800-l-cMatch-

ciscocatalyst_9800-l-fMatch-

VendorProductVersionCPE
ciscoios_xe16.12cpe:2.3:o:cisco:ios_xe:16.12:*:*:*:*:*:*:*
ciscoios_xe16.12.1scpe:2.3:o:cisco:ios_xe:16.12.1s:*:*:*:*:*:*:*
ciscoios_xe16.12.2cpe:2.3:o:cisco:ios_xe:16.12.2:*:*:*:*:*:*:*
ciscocatalyst_9800-40-cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*
ciscocatalyst_9800-80-cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*
ciscocatalyst_9800-cl-cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*
ciscocatalyst_9800-l-cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*
ciscocatalyst_9800-l-c-cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*
ciscocatalyst_9800-l-f-cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios_xe	16.12	cpe:2.3:o:cisco:ios_xe:16.12:::::::*
cisco	ios_xe	16.12.1s	cpe:2.3:o:cisco:ios_xe:16.12.1s:::::::*
cisco	ios_xe	16.12.2	cpe:2.3:o:cisco:ios_xe:16.12.2:::::::*
cisco	catalyst_9800-40	-	cpe:2.3:h:cisco:catalyst_9800-40:-:::::::*
cisco	catalyst_9800-80	-	cpe:2.3:h:cisco:catalyst_9800-80:-:::::::*
cisco	catalyst_9800-cl	-	cpe:2.3:h:cisco:catalyst_9800-cl:-:::::::*
cisco	catalyst_9800-l	-	cpe:2.3:h:cisco:catalyst_9800-l:-:::::::*
cisco	catalyst_9800-l-c	-	cpe:2.3:h:cisco:catalyst_9800-l-c:-:::::::*
cisco	catalyst_9800-l-f	-	cpe:2.3:h:cisco:catalyst_9800-l-f:-:::::::*

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capwap-dos-ShFzXf

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.002

Percentile

52.7%

JSON

Related for NVD:CVE-2020-3399

prion1 cvelist1 cve1 cisco1