Details of VAR-202009-1181

ID

VAR-202009-1181

CVE

CVE-2020-3560

TITLE

Cisco Aironet Access Points Resource Depletion Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2020-011925

DESCRIPTION

A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention

Trust: 1.71

sources: NVD: CVE-2020-3560 // JVNDB: JVNDB-2020-011925 // VULHUB: VHN-181685

AFFECTED PRODUCTS

vendor:	cisco	model:	wireless lan controller software	scope:	lt	version:	8.8.130.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller software	scope:	gte	version:	8.6	Trust: 1.0
vendor:	cisco	model:	business access points	scope:	lt	version:	10.1.1.0	Trust: 1.0
vendor:	cisco	model:	access points	scope:	lt	version:	16.12.4a	Trust: 1.0
vendor:	cisco	model:	aironet access point software	scope:	eq	version:	8.10\(105.0\)	Trust: 1.0
vendor:	cisco	model:	aironet access point software	scope:	eq	version:	17.2.0.37	Trust: 1.0
vendor:	cisco	model:	business access points	scope:	gte	version:	10.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller software	scope:	lt	version:	8.5.161.0	Trust: 1.0
vendor:	cisco	model:	aironet access point software	scope:	eq	version:	17.1.2.9	Trust: 1.0
vendor:	cisco	model:	aironet access point software	scope:	eq	version:	8.8\(125.0\)	Trust: 1.0
vendor:	cisco	model:	aironet access point software	scope:	eq	version:	8.10\(105.4\)	Trust: 1.0
vendor:	cisco	model:	aironet access point software	scope:	eq	version:	17.1.2.6	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	gte	version:	8.9	Trust: 1.0
vendor:	cisco	model:	aironet access point software	scope:	eq	version:	8.5\(154.27\)	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	lt	version:	8.10.112.0	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco aironet アクセスポイントソフトウェア	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco business access point	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco access points	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco wireless lan controller ソフトウェア	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2020-011925 // NVD: CVE-2020-3560

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-3560
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2020-3560
value:	HIGH
Trust: 1.0
NVD:	CVE-2020-3560
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202009-1380
value:	HIGH
Trust: 0.6
VULHUB:	VHN-181685
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2020-3560
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-181685
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

ykramarz@cisco.com:	CVE-2020-3560
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.0
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2020-3560
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.0
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-181685 // JVNDB: JVNDB-2020-011925 // CNNVD: CNNVD-202009-1380 // NVD: CVE-2020-3560 // NVD: CVE-2020-3560

PROBLEMTYPE DATA

problemtype:	CWE-400	Trust: 1.1
problemtype:	Resource exhaustion (CWE-400) [NVD Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-181685 // JVNDB: JVNDB-2020-011925 // NVD: CVE-2020-3560

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202009-1380

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202009-1380

PATCH

title:	cisco-sa-aironet-dos-VHr2zG9y	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-VHr2zG9y	Trust: 0.8
title:	Cisco Aironet Access Points Remediation of resource management error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=129043	Trust: 0.6

sources: JVNDB: JVNDB-2020-011925 // CNNVD: CNNVD-202009-1380

EXTERNAL IDS

db:	NVD	id:	CVE-2020-3560	Trust: 2.5
db:	JVNDB	id:	JVNDB-2020-011925	Trust: 0.8
db:	AUSCERT	id:	ESB-2020.3271	Trust: 0.6
db:	NSFOCUS	id:	49372	Trust: 0.6
db:	CNNVD	id:	CNNVD-202009-1380	Trust: 0.6
db:	VULHUB	id:	VHN-181685	Trust: 0.1

sources: VULHUB: VHN-181685 // JVNDB: JVNDB-2020-011925 // CNNVD: CNNVD-202009-1380 // NVD: CVE-2020-3560

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-aironet-dos-vhr2zg9y	Trust: 2.3
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3560	Trust: 1.4
url:	https://www.auscert.org.au/bulletins/esb-2020.3271/	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/49372	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-aironet-denial-of-service-via-udp-33418	Trust: 0.6

sources: VULHUB: VHN-181685 // JVNDB: JVNDB-2020-011925 // CNNVD: CNNVD-202009-1380 // NVD: CVE-2020-3560

SOURCES

db:	VULHUB	id:	VHN-181685
db:	JVNDB	id:	JVNDB-2020-011925
db:	CNNVD	id:	CNNVD-202009-1380
db:	NVD	id:	CVE-2020-3560

LAST UPDATE DATE

2024-08-14T13:43:55.353000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-181685	date:	2021-04-16T00:00:00
db:	JVNDB	id:	JVNDB-2020-011925	date:	2021-04-20T02:24:00
db:	CNNVD	id:	CNNVD-202009-1380	date:	2020-10-10T00:00:00
db:	NVD	id:	CVE-2020-3560	date:	2021-04-16T15:01:40.010

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-181685	date:	2020-09-24T00:00:00
db:	JVNDB	id:	JVNDB-2020-011925	date:	2021-04-20T00:00:00
db:	CNNVD	id:	CNNVD-202009-1380	date:	2020-09-24T00:00:00
db:	NVD	id:	CVE-2020-3560	date:	2020-09-24T18:15:22.137