CVE-2020-3559: Cisco Aironet Access Point Authentication Flood Denial of Service Vulnerability
First published: Thu Sep 24 2020(Updated: )
A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Wireless LAN Controllers | >=8.9<8.10.112.0 | |
| Cisco 1111-4pwe | ||
| Cisco 1111-8plteeawb | ||
| Cisco 1111-8pwb | ||
| Cisco 1113-8plteeawe | ||
| Cisco 1113-8pmwe | ||
| Cisco 1113-8pwe | ||
| Cisco 1116-4plteeawe | ||
| Cisco 1116-4pwe | ||
| Cisco c1117-4p | ||
| Cisco c1117-4p | ||
| Cisco c1117-4p | ||
| Cisco c1117-4p | ||
| Cisco Aironet 1815 | ||
| Cisco Aironet 1830E Firmware | ||
| Cisco Aironet 1830i Firmware | ||
| Cisco Aironet 1850E Firmware | ||
| Cisco Aironet 1850i Firmware | ||
| Cisco Business 140ac Access Point firmware | ||
| Cisco Business 145ac Access Point firmware | ||
| Cisco Business 240ac Access Point firmware | ||
| Cisco Business Access Points | >=10.0<10.1.1.0 | |
| Cisco Access Points | <16.12.4a | |
| Cisco Catalyst 9800-40 | ||
| Cisco Catalyst 9800-80 | ||
| Cisco Catalyst 9800-L | ||
| Cisco Catalyst 9800-L firmware | ||
| Cisco Catalyst 9800-L | ||
| Cisco Catalyst 9800-L | ||
| Cisco Access Point Software | =8.5\(151.0\) | |
| Cisco Access Point Software | =17.2.0.26 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-3559?
CVE-2020-3559 is a vulnerability in Cisco Aironet Access Point (AP) Software that could allow an unauthenticated remote attacker to cause a device to reload.
How does the vulnerability in Cisco Aironet Access Point (AP) Software occur?
The vulnerability is due to improper handling of clients trying to connect to the AP.
What is the severity of CVE-2020-3559?
The severity of CVE-2020-3559 is high with a CVSS score of 8.6.
Which software versions are affected by CVE-2020-3559?
The affected software versions are Cisco Wireless LAN Controller 8.9 to 8.10.112.0.
How can I fix the CVE-2020-3559 vulnerability?
To fix the vulnerability, it is recommended to upgrade the Cisco Aironet Access Point (AP) Software to a version that is not vulnerable.
- agent/type
- agent/author
- agent/references
- agent/weakness
- agent/description
- agent/severity
- agent/title
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco wireless lan controllers
- version/cisco wireless lan controllers/8.9
- canonical/cisco 1111-4pwe
- canonical/cisco 1111-8plteeawb
- canonical/cisco 1111-8pwb
- canonical/cisco 1113-8plteeawe
- canonical/cisco 1113-8pmwe
- canonical/cisco 1113-8pwe
- canonical/cisco 1116-4plteeawe
- canonical/cisco 1116-4pwe
- canonical/cisco c1117-4p
- canonical/cisco aironet 1815
- canonical/cisco aironet 1830e firmware
- canonical/cisco aironet 1830i firmware
- canonical/cisco aironet 1850e firmware
- canonical/cisco aironet 1850i firmware
- canonical/cisco business 140ac access point firmware
- canonical/cisco business 145ac access point firmware
- canonical/cisco business 240ac access point firmware
- canonical/cisco business access points
- version/cisco business access points/10.0
- canonical/cisco access points
- canonical/cisco catalyst 9800-40
- canonical/cisco catalyst 9800-80
- canonical/cisco catalyst 9800-l
- canonical/cisco catalyst 9800-l firmware
- canonical/cisco access point software
- version/cisco access point software/8.5\(151.0\)
- version/cisco access point software/17.2.0.26