HIGH · 8.6

CVE-2020-3560


Vulnerability Description

A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention.

CVSS Score

8.6

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: CHANGED
Confidentiality: NONE
Integrity: NONE
Availability: HIGH

Affected Products

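| Vendor | Product | Versions |
| --- | --- | --- |
| Cisco | Wireless Lan Controller | >= 8.9, < 8.10.112.0 |
| Cisco | Wireless Lan Controller Software | < 8.5.161.0 |
| Cisco | 1111-4Pwe | - |
| Cisco | 1111-8Plteeawb | - |
| Cisco | 1111-8Pwb | - |
| Cisco | 1113-8Plteeawe | - |
| Cisco | 1113-8Pmwe | - |
| Cisco | 1113-8Pwe | - |
| Cisco | 1116-4Plteeawe | - |
| Cisco | 1116-4Pwe | - |
| Cisco | 1117-4Plteeawe | - |
| Cisco | 1117-4Pmlteeawe | - |
| Cisco | 1117-4Pmwe | - |
| Cisco | 1117-4Pwe | - |
| Cisco | Aironet 1542D | - |
| Cisco | Aironet 1542I | - |
| Cisco | Aironet 1562D | - |
| Cisco | Aironet 1562E | - |
| Cisco | Aironet 1562I | - |
| Cisco | Aironet 1815 | - |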

Related Weaknesses (CWE)

References

FAQ

What is CVE-2020-3560?

CVE-2020-3560 is a vulnerability with a CVSS score of 8.6 (HIGH). A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper reso...

How severe is CVE-2020-3560?

CVE-2020-3560 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for a detailed severity breakdown.

Is there a patch for CVE-2020-3560?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Wireless Lan Controller, Cisco Wireless Lan Controller Software, Cisco 1111-4Pwe, Cisco 1111-8Plteeawb, Cisco 1111-8Pwb.