ID

VAR-202009-1181


CVE

CVE-2020-3560


TITLE

Cisco Aironet Access Points Resource Depletion Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2020-011925

DESCRIPTION

A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention.

Trust: 1.71

sources: NVD: CVE-2020-3560 // JVNDB: JVNDB-2020-011925 // VULHUB: VHN-181685

AFFECTED PRODUCTS

vendor: cisco, model: wireless lan controller software, scope: lt, version: 8.8.130.0

Trust: 1.0

vendor: cisco, model: wireless lan controller software, scope: gte, version: 8.6

Trust: 1.0

vendor: cisco, model: business access points, scope: lt, version: 10.1.1.0

Trust: 1.0

vendor: cisco, model: access points, scope: lt, version: 16.12.4a

Trust: 1.0

vendor: cisco, model: aironet access point software, scope: eq, version: 8.10(105.0)

Trust: 1.0

vendor: cisco, model: aironet access point software, scope: eq, version: 17.2.0.37

Trust: 1.0

vendor: cisco, model: business access points, scope: gte, version: 10.0

Trust: 1.0

vendor: cisco, model: wireless lan controller software, scope: lt, version: 8.5.161.0

Trust: 1.0

vendor: cisco, model: aironet access point software, scope: eq, version: 17.1.2.9

Trust: 1.0

vendor: cisco, model: aironet access point software, scope: eq, version: 8.8(125.0)

Trust: 1.0

vendor: cisco, model: aironet access point software, scope: eq, version: 8.10(105.4)

Trust: 1.0

vendor: cisco, model: aironet access point software, scope: eq, version: 17.1.2.6

Trust: 1.0

vendor: cisco, model: wireless lan controller, scope: gte, version: 8.9

Trust: 1.0

vendor: cisco, model: aironet access point software, scope: eq, version: 8.5(154.27)

Trust: 1.0

vendor: cisco, model: wireless lan controller, scope: lt, version: 8.10.112.0

vendor: Cisco Systems, model: cisco aironet access point software, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: cisco business access point, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: cisco access points, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: cisco wireless lan controller software, scope: -, version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-011925 // NVD: CVE-2020-3560

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3560
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3560
value: HIGH

Trust: 1.0

NVD: CVE-2020-3560
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202009-1380
value: HIGH

Trust: 0.6

VULHUB: VHN-181685
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2020-3560
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-181685
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

ykramarz@cisco.com: CVE-2020-3560
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2020-3560
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-181685 // JVNDB: JVNDB-2020-011925 // CNNVD: CNNVD-202009-1380 // NVD: CVE-2020-3560 // NVD: CVE-2020-3560

PROBLEMTYPE DATA

problemtype: CWE-400

Trust: 1.1

problemtype: Resource exhaustion (CWE-400) [NVD Evaluation]

Trust: 0.8

sources: VULHUB: VHN-181685 // JVNDB: JVNDB-2020-011925 // NVD: CVE-2020-3560

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202009-1380

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202009-1380

PATCH

title: cisco-sa-aironet-dos-VHr2zG9y, url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-VHr2zG9y

Trust: 0.8

title: Cisco Aironet Access Points Remediation of resource management error vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=129043

Trust: 0.6

sources: JVNDB: JVNDB-2020-011925 // CNNVD: CNNVD-202009-1380

EXTERNAL IDS

db: NVD, id: CVE-2020-3560

Trust: 2.5

db: JVNDB, id: JVNDB-2020-011925

Trust: 0.8

db: AUSCERT, id: ESB-2020.3271

Trust: 0.6

db: NSFOCUS, id: 49372

Trust: 0.6

db: CNNVD, id: CNNVD-202009-1380

Trust: 0.6

db: VULHUB, id: VHN-181685

Trust: 0.1

sources: VULHUB: VHN-181685 // JVNDB: JVNDB-2020-011925 // CNNVD: CNNVD-202009-1380 // NVD: CVE-2020-3560

REFERENCES

url: https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-aironet-dos-vhr2zg9y

Trust: 2.3

url: https://nvd.nist.gov/vuln/detail/cve-2020-3560

Trust: 1.4

url: https://www.auscert.org.au/bulletins/esb-2020.3271/

Trust: 0.6

url: http://www.nsfocus.net/vulndb/49372

Trust: 0.6

url: https://vigilance.fr/vulnerability/cisco-aironet-denial-of-service-via-udp-33418

Trust: 0.6

sources: VULHUB: VHN-181685 // JVNDB: JVNDB-2020-011925 // CNNVD: CNNVD-202009-1380 // NVD: CVE-2020-3560

SOURCES

db: VULHUB, id: VHN-181685
db: JVNDB, id: JVNDB-2020-011925
db: CNNVD, id: CNNVD-202009-1380
db: NVD, id: CVE-2020-3560

LAST UPDATE DATE

2024-08-14T13:43:55.353000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-181685, date: 2021-04-16T00:00:00
db: JVNDB, id: JVNDB-2020-011925, date: 2021-04-20T02:24:00
db: CNNVD, id: CNNVD-202009-1380, date: 2020-10-10T00:00:00
db: NVD, id: CVE-2020-3560, date: 2021-04-16T15:01:40.010

SOURCES RELEASE DATE

db: VULHUB, id: VHN-181685, date: 2020-09-24T00:00:00
db: JVNDB, id: JVNDB-2020-011925, date: 2021-04-20T00:00:00
db: CNNVD, id: CNNVD-202009-1380, date: 2020-09-24T00:00:00
db: NVD, id: CVE-2020-3560, date: 2020-09-24T18:15:22.137