CVE-2024-20354

Published Mar 27, 2024

Last updated 7 months ago

CVSS medium 4.7

Overview

Description: A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to incomplete cleanup of resources when dropping certain malformed frames. An attacker could exploit this vulnerability by connecting as a wireless client to an affected AP and sending specific malformed frames over the wireless connection. A successful exploit could allow the attacker to cause degradation of service to other clients, which could potentially lead to a complete DoS condition.
Source: psirt@cisco.com
NVD status: Analyzed
Products: wireless_lan_controller_software, ios_xe

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.4
Impact score: 4
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Severity: HIGH

Weaknesses

psirt@cisco.com: CWE-460

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "8E1EA626-452F-4B1D-9DFA-1DFC2C948EB3",
            "versionEndExcluding": "8.6.0.0",
            "versionStartIncluding": "8.5.171.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "2D12A362-FA6B-4505-92DC-4F2072B22DB5",
            "versionEndExcluding": "8.10.190.81",
            "versionStartIncluding": "8.10.130.0",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1530e:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "E3FF0BCA-4904-43B2-94F9-2B5A6A996096",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1530i:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "17020D8A-4ABE-4C5C-A1BE-945C4A9E92DC",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1552h:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "9BA6C6D9-9980-4EE7-9A7D-02D5D34DE878",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1552s:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "F1E891D9-6F4E-4719-ADA2-5128ECEAA9EB",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1552wu:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "FFF6AF41-47AC-41F4-93CE-7E2BA59F3364",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1700i:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "7755B1F0-A7EB-482A-9E40-25F6DACFA63A",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_2700e:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "AA2C4F66-F6B5-4901-9BCE-87A4856D4C34",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_2700i:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "8010EB74-E5F8-41E0-84D0-A0F21793747C",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_3700e:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "BB8E4C40-6015-4C63-AA60-3DB220AC6810",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_3700i:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "45FDCF87-A36B-4CED-9815-A9A173729B3A",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_3700p:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "CCE71E9F-BCFE-4F02-9440-3714445CF6D5",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ap801:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "A91F8624-B006-44E4-8767-339E96DE8BDB",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ap802:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "4E49EFA9-3D86-491E-8854-826861512925",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ap803:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "FD61BE4C-8C2E-4087-9B03-D5788CCCCF16",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:iw3700:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "9919E498-C454-4CEA-A393-19118F4B1589",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "9643FDBC-697D-4F87-87F2-5B784833EEBC",
            "versionEndExcluding": "17.1.0",
            "versionStartIncluding": "16.12.4a",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "36DD09BF-ED3C-46EB-86BA-0D70C66ED6EE",
            "versionEndExcluding": "17.3.9",
            "versionStartIncluding": "17.3.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "8AB9DF30-8950-4826-8458-800ED5112A6A",
            "versionEndExcluding": "17.6.7",
            "versionStartIncluding": "17.4.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "59F62008-2AC3-455E-8EFF-42E42CFCE016",
            "versionEndExcluding": "17.9.5",
            "versionStartIncluding": "17.7.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "61B9ED9E-E9D7-4AA4-9C4D-D564B1F871BF",
            "versionEndExcluding": "17.12.2",
            "versionStartIncluding": "17.10.0",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1530e:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "E3FF0BCA-4904-43B2-94F9-2B5A6A996096",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1530i:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "17020D8A-4ABE-4C5C-A1BE-945C4A9E92DC",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1552h:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "9BA6C6D9-9980-4EE7-9A7D-02D5D34DE878",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1552s:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "F1E891D9-6F4E-4719-ADA2-5128ECEAA9EB",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1552wu:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "FFF6AF41-47AC-41F4-93CE-7E2BA59F3364",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1700i:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "7755B1F0-A7EB-482A-9E40-25F6DACFA63A",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_2700e:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "AA2C4F66-F6B5-4901-9BCE-87A4856D4C34",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_2700i:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "8010EB74-E5F8-41E0-84D0-A0F21793747C",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_3700e:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "BB8E4C40-6015-4C63-AA60-3DB220AC6810",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_3700i:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "45FDCF87-A36B-4CED-9815-A9A173729B3A",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_3700p:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "CCE71E9F-BCFE-4F02-9440-3714445CF6D5",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ap801:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "A91F8624-B006-44E4-8767-339E96DE8BDB",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ap802:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "4E49EFA9-3D86-491E-8854-826861512925",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:ap803:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "FD61BE4C-8C2E-4087-9B03-D5788CCCCF16",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:cisco:iw3700:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "9919E498-C454-4CEA-A393-19118F4B1589",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References