A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
History
21 Nov 2024, 05:31
Type | Values Removed | Values Added |
---|---|---|
References | () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ethport-dos-xtjTt8pY - Vendor Advisory |
Information
Published : 2020-09-24 18:15
Updated : 2024-11-21 05:31
NVD link : CVE-2020-3552
Mitre link : CVE-2020-3552
CVE.ORG link : CVE-2020-3552
JSON object : View
Products Affected
cisco
- aironet_1562d
- aironet_1850i
- aironet_access_point_software
- aironet_1830i
- aironet_2800e
- business_access_points
- catalyst_9800-l-c
- aironet_1830e
- catalyst_9800-cl
- aironet_1840
- aironet_3800i
- aironet_4800
- aironet_2800i
- aironet_1810
- aironet_1562e
- catalyst_9800-80
- aironet_3800e
- aironet_1850e
- aironet_1815
- aironet_1542i
- catalyst_9800-l-f
- wireless_lan_controller
- aironet_3800p
- catalyst_9800-l
- catalyst_9800-40
- aironet_1542d
- access_points
- aironet_1562i
CWE
CWE-476
NULL Pointer Dereference