CVE-2020-3487: Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerabilities
First published: Thu Sep 24 2020(Updated: )
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS XE | ||
| Cisco Catalyst 9115 Ap | ||
| Cisco Catalyst 9117 Ap | ||
| Cisco Catalyst 9120 Ap | ||
| Cisco Catalyst 9130 Ap | ||
| Cisco Catalyst 9800-40 | ||
| Cisco Catalyst 9800-80 | ||
| Cisco Catalyst 9800-cl | ||
| Cisco Catalyst 9800-l | ||
| Cisco Catalyst 9800 Embedded Wireless Controller |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-3487?
CVE-2020-3487 is a vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers.
What is the severity of CVE-2020-3487?
CVE-2020-3487 has a severity of 6.5 (high).
How can an attacker exploit CVE-2020-3487?
An unauthenticated, adjacent attacker can exploit CVE-2020-3487 to cause a denial of service (DoS) condition on an affected device.
Which software versions are affected by CVE-2020-3487?
Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers is affected by CVE-2020-3487.
How do I fix CVE-2020-3487?
Cisco has provided patches and software updates to address CVE-2020-3487. It is recommended to update to the latest available version.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/title
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/tags
- agent/event
- vendor/cisco
- canonical/cisco ios xe
- canonical/cisco catalyst 9115 ap
- canonical/cisco catalyst 9117 ap
- canonical/cisco catalyst 9120 ap
- canonical/cisco catalyst 9130 ap
- canonical/cisco catalyst 9800-40
- canonical/cisco catalyst 9800-80
- canonical/cisco catalyst 9800-cl
- canonical/cisco catalyst 9800-l
- canonical/cisco catalyst 9800 embedded wireless controller