CVE-2020-3359

A vulnerability in the multicast DNS (mDNS) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of mDNS packets. An attacker could exploit this vulnerability by sending a crafted mDNS packet to an affected device. A successful exploit could cause a device to reload, resulting in a DoS condition.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:2610xm:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:2611xm:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:2612:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:2620xm:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:2621xm:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:2650xm:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:2651xm:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:2691:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-09-24 18:15

Updated : 2024-02-28 18:08


NVD link : CVE-2020-3359

Mitre link : CVE-2020-3359

CVE.ORG link : CVE-2020-3359


JSON object : View

Products Affected

cisco

  • catalyst_9800-l
  • catalyst_9800-40
  • 2691
  • catalyst_9800-cl
  • 2611xm
  • 2651xm
  • 2612
  • 2610xm
  • catalyst_9800-80
  • 2620xm
  • catalyst_9800-l-f
  • 2621xm
  • catalyst_9800-l-c
  • ios_xe
  • 2650xm
CWE
CWE-20

Improper Input Validation