CVE-2020-3559

Cisco Aironet Access Point Authentication Flood Denial of Service Vulnerability

CVSS 6.8 MEDIUMEPSS 1.4%CWE-400

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 6.8EPSS 1.4%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado

Lifecycle

24 Sep 2020Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

Affected products

Cisco · Cisco Aironet Access Point Software

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-h3DCuLXw