CVE-2020-3203: Cisco IOS XE Software Catalyst 9800 Series Wireless Controllers Denial of Service Vulnerability
First published: Wed Jun 03 2020(Updated: )
A vulnerability in the locally significant certificate (LSC) provisioning feature of Cisco Catalyst 9800 Series Wireless Controllers that are running Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak that could lead to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain public key infrastructure (PKI) packets. An attacker could exploit this vulnerability by sending crafted Secure Sockets Layer (SSL) packets to an affected device. A successful exploit could cause an affected device to continuously consume memory, which could result in a memory allocation failure that leads to a crash and causes a DoS condition.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS XE | =16.1.1 | |
| Cisco IOS XE | =16.1.2 | |
| Cisco IOS XE | =16.1.3 | |
| Cisco IOS XE | =16.2.1 | |
| Cisco IOS XE | =16.2.2 | |
| Cisco IOS XE | =16.3.1 | |
| Cisco IOS XE | =16.3.1a | |
| Cisco IOS XE | =16.3.2 | |
| Cisco IOS XE | =16.3.3 | |
| Cisco IOS XE | =16.3.4 | |
| Cisco IOS XE | =16.3.5 | |
| Cisco IOS XE | =16.3.5b | |
| Cisco IOS XE | =16.3.6 | |
| Cisco IOS XE | =16.3.7 | |
| Cisco IOS XE | =16.3.8 | |
| Cisco IOS XE | =16.3.9 | |
| Cisco IOS XE | =16.4.1 | |
| Cisco IOS XE | =16.4.2 | |
| Cisco IOS XE | =16.4.3 | |
| Cisco IOS XE | =16.5.1 | |
| Cisco IOS XE | =16.5.1a | |
| Cisco IOS XE | =16.5.1b | |
| Cisco IOS XE | =16.5.2 | |
| Cisco IOS XE | =16.5.3 | |
| Cisco IOS XE | =16.7.1 | |
| Cisco IOS XE | =16.7.2 | |
| Cisco IOS XE | =16.7.3 | |
| Cisco IOS XE | =16.8.1 | |
| Cisco IOS XE | =16.8.1a | |
| Cisco IOS XE | =16.8.1b | |
| Cisco IOS XE | =16.8.1c | |
| Cisco IOS XE | =16.8.1s | |
| Cisco IOS XE | =16.8.2 | |
| Cisco IOS XE | =16.8.3 | |
| Cisco IOS XE | =16.10.1 | |
| Cisco IOS XE | =16.10.1a | |
| Cisco IOS XE | =16.10.1b | |
| Cisco IOS XE | =16.10.1e | |
| Cisco IOS XE | =16.10.1s | |
| Cisco IOS XE | =16.10.2 | |
| Cisco IOS XE | =16.10.3 | |
| Cisco IOS XE | =16.11.1 | |
| Cisco IOS XE | =16.11.1a | |
| Cisco IOS XE | =16.11.1b | |
| Cisco IOS XE | =16.11.1c | |
| Cisco IOS XE | =16.11.1s | |
| Cisco IOS XE | =16.12.1 | |
| Cisco IOS XE | =16.12.1a | |
| Cisco IOS XE | =16.12.1c | |
| Cisco IOS XE | =16.12.1s | |
| Cisco IOS XE | =16.12.2 | |
| Cisco IOS XE | =16.12.2a | |
| Cisco IOS XE | =16.12.4 | |
| Cisco IOS XE | =16.12.8 | |
| Cisco Catalyst 9800-40 | ||
| Cisco Catalyst 9800-80 | ||
| Cisco Catalyst 9800-CL | ||
| Cisco Catalyst 9800-L | ||
| Cisco Catalyst 9800-L | ||
| Cisco Catalyst 9800-L |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-3203?
CVE-2020-3203 is rated as high severity due to its potential to cause a denial of service.
How do I fix CVE-2020-3203?
To fix CVE-2020-3203, upgrade your Cisco Catalyst 9800 Series Wireless Controller to a fixed version of Cisco IOS XE Software.
Who is affected by CVE-2020-3203?
CVE-2020-3203 affects Cisco Catalyst 9800 Series Wireless Controllers running specific versions of Cisco IOS XE Software.
Can CVE-2020-3203 be exploited remotely?
Yes, CVE-2020-3203 can be exploited by unauthenticated remote attackers.
What kind of vulnerability is CVE-2020-3203?
CVE-2020-3203 is a memory leak vulnerability that can lead to denial of service.
- agent/weakness
- agent/type
- agent/references
- agent/severity
- agent/remedy
- agent/title
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco ios xe
- version/cisco ios xe/16.1.1
- version/cisco ios xe/16.1.2
- version/cisco ios xe/16.1.3
- version/cisco ios xe/16.2.1
- version/cisco ios xe/16.2.2
- version/cisco ios xe/16.3.1
- version/cisco ios xe/16.3.1a
- version/cisco ios xe/16.3.2
- version/cisco ios xe/16.3.3
- version/cisco ios xe/16.3.4
- version/cisco ios xe/16.3.5
- version/cisco ios xe/16.3.5b
- version/cisco ios xe/16.3.6
- version/cisco ios xe/16.3.7
- version/cisco ios xe/16.3.8
- version/cisco ios xe/16.3.9
- version/cisco ios xe/16.4.1
- version/cisco ios xe/16.4.2
- version/cisco ios xe/16.4.3
- version/cisco ios xe/16.5.1
- version/cisco ios xe/16.5.1a
- version/cisco ios xe/16.5.1b
- version/cisco ios xe/16.5.2
- version/cisco ios xe/16.5.3
- version/cisco ios xe/16.7.1
- version/cisco ios xe/16.7.2
- version/cisco ios xe/16.7.3
- version/cisco ios xe/16.8.1
- version/cisco ios xe/16.8.1a
- version/cisco ios xe/16.8.1b
- version/cisco ios xe/16.8.1c
- version/cisco ios xe/16.8.1s
- version/cisco ios xe/16.8.2
- version/cisco ios xe/16.8.3
- version/cisco ios xe/16.10.1
- version/cisco ios xe/16.10.1a
- version/cisco ios xe/16.10.1b
- version/cisco ios xe/16.10.1e
- version/cisco ios xe/16.10.1s
- version/cisco ios xe/16.10.2
- version/cisco ios xe/16.10.3
- version/cisco ios xe/16.11.1
- version/cisco ios xe/16.11.1a
- version/cisco ios xe/16.11.1b
- version/cisco ios xe/16.11.1c
- version/cisco ios xe/16.11.1s
- version/cisco ios xe/16.12.1
- version/cisco ios xe/16.12.1a
- version/cisco ios xe/16.12.1c
- version/cisco ios xe/16.12.1s
- version/cisco ios xe/16.12.2
- version/cisco ios xe/16.12.2a
- version/cisco ios xe/16.12.4
- version/cisco ios xe/16.12.8
- canonical/cisco catalyst 9800-40
- canonical/cisco catalyst 9800-80
- canonical/cisco catalyst 9800-cl
- canonical/cisco catalyst 9800-l