#VU87900 Improper Cleanup on Thrown Exception in Cisco Systems, Inc products - CVE-2024-20354
Published: March 28, 2024
Vulnerability identifier: #VU87900
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-20354
CWE-ID: CWE-460
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vulnerable software:
800 and 1900 Series ISR Integrated Access Points
Aironet 1700 Series Access Points
Aironet 2700 Series Access Points
Aironet 3700 Series Access Points
Industrial Wireless 3700 Series
Wireless LAN Controller Software
Aironet 1530 Series Outdoor Access Points
Aironet 1552 Outdoor Access Points
Aironet 1570 Series Outdoor Access Points
Catalyst 9800 Series Wireless Controller Software
800 and 1900 Series ISR Integrated Access Points
Aironet 1700 Series Access Points
Aironet 2700 Series Access Points
Aironet 3700 Series Access Points
Industrial Wireless 3700 Series
Wireless LAN Controller Software
Aironet 1530 Series Outdoor Access Points
Aironet 1552 Outdoor Access Points
Aironet 1570 Series Outdoor Access Points
Catalyst 9800 Series Wireless Controller Software
Software vendor:
Cisco Systems, Inc
Cisco Systems, Inc
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to incomplete cleanup of resources when dropping certain malformed frames. A remote attacker on the local network can cause degradation of service to other clients and cause a denial of service condition on the target system.
Remediation
Install updates from vendor's website.