Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-3428


A vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect parsing of HTTP packets while performing HTTP-based endpoint device classifications. An attacker could exploit this vulnerability by sending a crafted HTTP packet to an affected device. A successful exploit could cause an affected device to reboot, resulting in a DoS condition.


Published

2020-09-24T18:15:19.387

Last Modified

2024-11-21T05:31:03.023

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

CVSSv2 Vector

AV:A/AC:L/Au:N/C:N/I:N/A:C

  • Access Vector: ADJACENT_NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: COMPLETE
Exploitability Score

6.5

Impact Score

6.9

Weaknesses
  • Type: Secondary
    CWE-20
  • Type: Primary
    CWE-400

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System cisco ios_xe - Yes
Hardware cisco 1100_integrated_services_router - No
Hardware cisco 1101_integrated_services_router - No
Hardware cisco 1109_integrated_services_router - No
Hardware cisco 1111x_integrated_services_router - No
Hardware cisco 111x_integrated_services_router - No
Hardware cisco 1120_integrated_services_router - No
Hardware cisco 1160_integrated_services_router - No
Hardware cisco 4221_integrated_services_router - No
Hardware cisco 4321_integrated_services_router - No
Hardware cisco 4331_integrated_services_router - No
Hardware cisco 4351_integrated_services_router - No
Hardware cisco 4431_integrated_services_router - No
Hardware cisco 4451-x_integrated_services_router - No
Hardware cisco 4461_integrated_services_router - No
Hardware cisco asr_1001-hx - No
Hardware cisco asr_1001-x - No
Hardware cisco asr_1002-hx - No
Hardware cisco asr_1002-x - No
Hardware cisco asr_1004 - No
Hardware cisco asr_1006 - No
Hardware cisco asr_1006-x - No
Hardware cisco asr_1009-x - No
Hardware cisco asr_1013 - No
Hardware cisco catalyst_9800-40 - No
Hardware cisco catalyst_9800-80 - No
Hardware cisco catalyst_9800-cl - No
Hardware cisco catalyst_9800-l - No
Hardware cisco catalyst_9800-l-c - No
Hardware cisco catalyst_9800-l-f - No
Hardware cisco catalyst_c9200-24p - No
Hardware cisco catalyst_c9200-24t - No
Hardware cisco catalyst_c9200-48p - No
Hardware cisco catalyst_c9200-48t - No
Hardware cisco catalyst_c9200l-24p-4g - No
Hardware cisco catalyst_c9200l-24p-4x - No
Hardware cisco catalyst_c9200l-24pxg-2y - No
Hardware cisco catalyst_c9200l-24pxg-4x - No
Hardware cisco catalyst_c9200l-24t-4g - No
Hardware cisco catalyst_c9200l-24t-4x - No
Hardware cisco catalyst_c9200l-48p-4g - No
Hardware cisco catalyst_c9300-24p - No
Hardware cisco catalyst_c9300-24s - No
Hardware cisco catalyst_c9300-24t - No
Hardware cisco catalyst_c9300-24u - No
Hardware cisco catalyst_c9300-24ux - No
Hardware cisco catalyst_c9300-48p - No
Hardware cisco catalyst_c9300-48s - No
Hardware cisco catalyst_c9300-48t - No
Hardware cisco catalyst_c9300-48u - No
Hardware cisco catalyst_c9300-48un - No
Hardware cisco catalyst_c9300-48uxm - No
Hardware cisco catalyst_c9300l-24p-4g - No
Hardware cisco catalyst_c9300l-24p-4x - No
Hardware cisco catalyst_c9300l-24t-4g - No
Hardware cisco catalyst_c9300l-24t-4x - No
Hardware cisco catalyst_c9300l-48p-4g - No
Hardware cisco catalyst_c9300l-48p-4x - No
Hardware cisco catalyst_c9300l-48t-4g - No
Hardware cisco catalyst_c9300l-48t-4x - No
Hardware cisco catalyst_c9404r - No
Hardware cisco catalyst_c9407r - No
Hardware cisco catalyst_c9410r - No
Hardware cisco catalyst_c9500-12q - No
Hardware cisco catalyst_c9500-16x - No
Hardware cisco catalyst_c9500-24q - No
Hardware cisco catalyst_c9500-24y4c - No
Hardware cisco catalyst_c9500-32c - No
Hardware cisco catalyst_c9500-32qc - No
Hardware cisco catalyst_c9500-40x - No
Hardware cisco catalyst_c9500-48y4c - No
Hardware cisco catalyst_c9600_switch - No
Hardware cisco cloud_services_router_1000v - No
Hardware cisco integrated_services_virtual_router - No

References