HIGH✓ PATCH🇬🇧 English

CVE-2020-3262

CVSS 7.5v3.1pub. 2020-04-15upd. 2024-11-21

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol handler of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of CAPWAP packets. An attacker could exploit this vulnerability by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to restart, resulting in a DoS condition.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Cisco 5508 Wireless Controller

    HW
    Cisco
    wszystkie wersje
  • Cisco 5508 Wireless Controller Firmware

    OS
    Cisco
    8.8\(120.0\)
  • Cisco 5520 Wireless Controller

    HW
    Cisco
    wszystkie wersje
  • Cisco 5520 Wireless Controller Firmware

    OS
    Cisco
    8.8\(120.0\)
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
DoS
CWE
Referencje

Powiązane podatności

CVE-2022-20695CRITICAL10.0ten sam produkt

A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) Software could allo...

CVE-2020-3273HIGH7.5ten sam produkt

A vulnerability in the 802.11 Generic Advertisement Service (GAS) frame processing function of Cisco Wireless ...

CVE-2012-0369HIGH7.8ten sam produkt

Cisco Wireless LAN Controller (WLC) devices with software 6.0 and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, a...

CVE-2012-0371HIGH9.3ten sam produkt

Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.4, when CPU-ba...

CVE-2012-0370HIGH7.8ten sam produkt

Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 befo...