7.4
CVE-2020-3428
- EPSS 0.08%
- Veröffentlicht 24.09.2020 18:15:19
- Zuletzt bearbeitet 21.11.2024 05:31:03
- Quelle psirt@cisco.com
- Teams Watchlist Login
- Unerledigt Login
A vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect parsing of HTTP packets while performing HTTP-based endpoint device classifications. An attacker could exploit this vulnerability by sending a crafted HTTP packet to an affected device. A successful exploit could cause an affected device to reboot, resulting in a DoS condition.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Ios Xe Version-
Cisco ≫ 1100 Integrated Services Router Version-
Cisco ≫ 1101 Integrated Services Router Version-
Cisco ≫ 1109 Integrated Services Router Version-
Cisco ≫ 1111x Integrated Services Router Version-
Cisco ≫ 111x Integrated Services Router Version-
Cisco ≫ 1120 Integrated Services Router Version-
Cisco ≫ 1160 Integrated Services Router Version-
Cisco ≫ 4221 Integrated Services Router Version-
Cisco ≫ 4321 Integrated Services Router Version-
Cisco ≫ 4331 Integrated Services Router Version-
Cisco ≫ 4351 Integrated Services Router Version-
Cisco ≫ 4431 Integrated Services Router Version-
Cisco ≫ 4451-x Integrated Services Router Version-
Cisco ≫ 4461 Integrated Services Router Version-
Cisco ≫ Asr 1001-hx Version-
Cisco ≫ Asr 1001-x Version-
Cisco ≫ Asr 1002-hx Version-
Cisco ≫ Asr 1002-x Version-
Cisco ≫ Asr 1004 Version-
Cisco ≫ Asr 1006 Version-
Cisco ≫ Asr 1006-x Version-
Cisco ≫ Asr 1009-x Version-
Cisco ≫ Asr 1013 Version-
Cisco ≫ Catalyst 9800-40 Version-
Cisco ≫ Catalyst 9800-80 Version-
Cisco ≫ Catalyst 9800-cl Version-
Cisco ≫ Catalyst 9800-l Version-
Cisco ≫ Catalyst 9800-l-c Version-
Cisco ≫ Catalyst 9800-l-f Version-
Cisco ≫ Catalyst C9200-24p Version-
Cisco ≫ Catalyst C9200-24t Version-
Cisco ≫ Catalyst C9200-48p Version-
Cisco ≫ Catalyst C9200-48t Version-
Cisco ≫ Catalyst C9200l-24p-4g Version-
Cisco ≫ Catalyst C9200l-24p-4x Version-
Cisco ≫ Catalyst C9200l-24pxg-2y Version-
Cisco ≫ Catalyst C9200l-24pxg-4x Version-
Cisco ≫ Catalyst C9200l-24t-4g Version-
Cisco ≫ Catalyst C9200l-24t-4x Version-
Cisco ≫ Catalyst C9200l-48p-4g Version-
Cisco ≫ Catalyst C9300-24p Version-
Cisco ≫ Catalyst C9300-24s Version-
Cisco ≫ Catalyst C9300-24t Version-
Cisco ≫ Catalyst C9300-24u Version-
Cisco ≫ Catalyst C9300-24ux Version-
Cisco ≫ Catalyst C9300-48p Version-
Cisco ≫ Catalyst C9300-48s Version-
Cisco ≫ Catalyst C9300-48t Version-
Cisco ≫ Catalyst C9300-48u Version-
Cisco ≫ Catalyst C9300-48un Version-
Cisco ≫ Catalyst C9300-48uxm Version-
Cisco ≫ Catalyst C9300l-24p-4g Version-
Cisco ≫ Catalyst C9300l-24p-4x Version-
Cisco ≫ Catalyst C9300l-24t-4g Version-
Cisco ≫ Catalyst C9300l-24t-4x Version-
Cisco ≫ Catalyst C9300l-48p-4g Version-
Cisco ≫ Catalyst C9300l-48p-4x Version-
Cisco ≫ Catalyst C9300l-48t-4g Version-
Cisco ≫ Catalyst C9300l-48t-4x Version-
Cisco ≫ Catalyst C9404r Version-
Cisco ≫ Catalyst C9407r Version-
Cisco ≫ Catalyst C9410r Version-
Cisco ≫ Catalyst C9500-12q Version-
Cisco ≫ Catalyst C9500-16x Version-
Cisco ≫ Catalyst C9500-24q Version-
Cisco ≫ Catalyst C9500-24y4c Version-
Cisco ≫ Catalyst C9500-32c Version-
Cisco ≫ Catalyst C9500-32qc Version-
Cisco ≫ Catalyst C9500-40x Version-
Cisco ≫ Catalyst C9500-48y4c Version-
Cisco ≫ Catalyst C9600 Switch Version-
Cisco ≫ Cloud Services Router 1000v Version-
Cisco ≫ Integrated Services Virtual Router Version-
Cisco ≫ 1101 Integrated Services Router Version-
Cisco ≫ 1109 Integrated Services Router Version-
Cisco ≫ 1111x Integrated Services Router Version-
Cisco ≫ 111x Integrated Services Router Version-
Cisco ≫ 1120 Integrated Services Router Version-
Cisco ≫ 1160 Integrated Services Router Version-
Cisco ≫ 4221 Integrated Services Router Version-
Cisco ≫ 4321 Integrated Services Router Version-
Cisco ≫ 4331 Integrated Services Router Version-
Cisco ≫ 4351 Integrated Services Router Version-
Cisco ≫ 4431 Integrated Services Router Version-
Cisco ≫ 4451-x Integrated Services Router Version-
Cisco ≫ 4461 Integrated Services Router Version-
Cisco ≫ Asr 1001-hx Version-
Cisco ≫ Asr 1001-x Version-
Cisco ≫ Asr 1002-hx Version-
Cisco ≫ Asr 1002-x Version-
Cisco ≫ Asr 1004 Version-
Cisco ≫ Asr 1006 Version-
Cisco ≫ Asr 1006-x Version-
Cisco ≫ Asr 1009-x Version-
Cisco ≫ Asr 1013 Version-
Cisco ≫ Catalyst 9800-40 Version-
Cisco ≫ Catalyst 9800-80 Version-
Cisco ≫ Catalyst 9800-cl Version-
Cisco ≫ Catalyst 9800-l Version-
Cisco ≫ Catalyst 9800-l-c Version-
Cisco ≫ Catalyst 9800-l-f Version-
Cisco ≫ Catalyst C9200-24p Version-
Cisco ≫ Catalyst C9200-24t Version-
Cisco ≫ Catalyst C9200-48p Version-
Cisco ≫ Catalyst C9200-48t Version-
Cisco ≫ Catalyst C9200l-24p-4g Version-
Cisco ≫ Catalyst C9200l-24p-4x Version-
Cisco ≫ Catalyst C9200l-24pxg-2y Version-
Cisco ≫ Catalyst C9200l-24pxg-4x Version-
Cisco ≫ Catalyst C9200l-24t-4g Version-
Cisco ≫ Catalyst C9200l-24t-4x Version-
Cisco ≫ Catalyst C9200l-48p-4g Version-
Cisco ≫ Catalyst C9300-24p Version-
Cisco ≫ Catalyst C9300-24s Version-
Cisco ≫ Catalyst C9300-24t Version-
Cisco ≫ Catalyst C9300-24u Version-
Cisco ≫ Catalyst C9300-24ux Version-
Cisco ≫ Catalyst C9300-48p Version-
Cisco ≫ Catalyst C9300-48s Version-
Cisco ≫ Catalyst C9300-48t Version-
Cisco ≫ Catalyst C9300-48u Version-
Cisco ≫ Catalyst C9300-48un Version-
Cisco ≫ Catalyst C9300-48uxm Version-
Cisco ≫ Catalyst C9300l-24p-4g Version-
Cisco ≫ Catalyst C9300l-24p-4x Version-
Cisco ≫ Catalyst C9300l-24t-4g Version-
Cisco ≫ Catalyst C9300l-24t-4x Version-
Cisco ≫ Catalyst C9300l-48p-4g Version-
Cisco ≫ Catalyst C9300l-48p-4x Version-
Cisco ≫ Catalyst C9300l-48t-4g Version-
Cisco ≫ Catalyst C9300l-48t-4x Version-
Cisco ≫ Catalyst C9404r Version-
Cisco ≫ Catalyst C9407r Version-
Cisco ≫ Catalyst C9410r Version-
Cisco ≫ Catalyst C9500-12q Version-
Cisco ≫ Catalyst C9500-16x Version-
Cisco ≫ Catalyst C9500-24q Version-
Cisco ≫ Catalyst C9500-24y4c Version-
Cisco ≫ Catalyst C9500-32c Version-
Cisco ≫ Catalyst C9500-32qc Version-
Cisco ≫ Catalyst C9500-40x Version-
Cisco ≫ Catalyst C9500-48y4c Version-
Cisco ≫ Catalyst C9600 Switch Version-
Cisco ≫ Cloud Services Router 1000v Version-
Cisco ≫ Integrated Services Virtual Router Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.216 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 6.1 | 6.5 | 6.9 |
AV:A/AC:L/Au:N/C:N/I:N/A:C
|
| psirt@cisco.com | 7.4 | 2.8 | 4 |
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
CWE-400 Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.