Main Vulnerability Database Vulnerabilities #VU47151

Out-of-bounds read in Cisco Systems, Inc products - CVE-2020-3399

Published: September 24, 2020 / Updated: September 29, 2020

Vulnerability identifier: #VU47151

CSH Severity: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2020-3399

CWE-ID: CWE-125

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Cisco Catalyst 9800 Wireless Controller
Cisco Embedded Wireless Controller on Catalyst 9100 Access Points
Cisco IOS XE

Software vendor:
Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol. A remote attacker can send a specially crafted CAPWAP packet, trigger out-of-bounds read error and cause a denial of service condition on the system.

This vulnerability affects the following products running a vulnerable release of Cisco IOS XE Software:

Catalyst 9800 Embedded Wireless Controller for Catalyst 9300, 9400, and 9500 Series Switches
Catalyst 9800 Series Wireless Controllers
Embedded Wireless Controller on Catalyst 9100 Access Points

Remediation

Install updates from vendor's website.

External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capwap-dos-ShFzXf

Out-of-bounds read in Cisco Systems, Inc products - CVE-2020-3399

Description

Remediation

External links

Please verify you're human