CVE-2020-3559

A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.

Published: Sep 24, 2020
Updated: Apr 14, 2023
CVE: CVE-2020-3559
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.6
AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-400

Affected Software
References

Software	From	Fixed in
cisco / wireless_lan_controller	8.9	8.10.112.0
cisco / business_access_points	10.0	10.1.1.0
cisco / access_points	-	16.12.4a
cisco / aironet_access_point_software	8.5(151.0)	8.5(151.0).x
cisco / aironet_access_point_software	17.2.0.26	17.2.0.26.x

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-h3DCuLXw

Vulnerability Database

289,599

CVE-2020-3559