First published: Wed Apr 15 2020(Updated: )
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol handler of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of CAPWAP packets. An attacker could exploit this vulnerability by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to restart, resulting in a DoS condition.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco 5508 Wireless Controller Firmware | =8.8\(120.0\) | |
Cisco 5508 Wireless Controller | ||
Cisco 5520 Wireless Controller Firmware | =8.8\(120.0\) | |
Cisco 5520 Wireless Controller |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Cisco Wireless LAN Controller (WLC) Software vulnerability is CVE-2020-3262.
The severity of CVE-2020-3262 is high with a CVSS score of 7.5.
This vulnerability could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
Cisco 5508 Wireless Controller Firmware version 8.8(120.0) and Cisco 5520 Wireless Controller Firmware version 8.8(120.0) are affected.
Cisco has released updates to address this vulnerability. Please refer to the Cisco Security Advisory for more information.