CVE-2020-3260

A vulnerability in Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper processing of client packets that are sent to an affected access point (AP). An attacker could exploit this vulnerability by sending a large number of sustained client packets to the affected AP. A successful exploit could allow the attacker to cause the affected AP to crash, resulting in a DoS condition.

Published: Apr 15, 2020
Updated: Apr 14, 2023
CVE: CVE-2020-3260
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

Severity: Low
Score: 3.3
AV:A/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-400

Affected Software
References

Software	From	Fixed in
cisco / aironet_1542i_firmware	8.9(100.0)	8.9(100.0).x
cisco / aironet_1542d_firmware	8.9(100.0)	8.9(100.0).x
cisco / aironet_1815_firmware	8.9(100.0)	8.9(100.0).x
cisco / aironet_1830_firmware	8.9(100.0)	8.9(100.0).x
cisco / aironet_1840_firmware	8.9(100.0)	8.9(100.0).x
cisco / aironet_1850_firmware	8.9(100.0)	8.9(100.0).x

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-dos-5ZLs6ESz

Vulnerability Database

290,206

CVE-2020-3260