CVE-2020-3428
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family WLAN Local Profiling Denial of Service Vulnerability
Severity Score
6.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect parsing of HTTP packets while performing HTTP-based endpoint device classifications. An attacker could exploit this vulnerability by sending a crafted HTTP packet to an affected device. A successful exploit could cause an affected device to reboot, resulting in a DoS condition.
Una vulnerabilidad en la funcionalidad WLAN Local Profiling de Cisco IOS XE Wireless Controller Software para Cisco Catalyst 9000 Family, podría permitir a un atacante adyacente no autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido a un análisis incorrecto de paquetes HTTP mientras se llevan a cabo clasificaciones de dispositivos endpoint basadas en HTTP. Un atacante podría explotar esta vulnerabilidad mediante el envío de un paquete HTTP diseñado hacia un dispositivo afectado. Una explotación con éxito podría hacer que un dispositivo afectado se reinicie, resultando una condición DoS.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-12-12 CVE Reserved
- 2020-09-24 CVE Published
- 2023-12-27 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-400: Uncontrolled Resource Consumption
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | 1100 Integrated Services Router Search vendor "Cisco" for product "1100 Integrated Services Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | 1101 Integrated Services Router Search vendor "Cisco" for product "1101 Integrated Services Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | 1109 Integrated Services Router Search vendor "Cisco" for product "1109 Integrated Services Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | 1111x Integrated Services Router Search vendor "Cisco" for product "1111x Integrated Services Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | 111x Integrated Services Router Search vendor "Cisco" for product "111x Integrated Services Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | 1120 Integrated Services Router Search vendor "Cisco" for product "1120 Integrated Services Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | 1160 Integrated Services Router Search vendor "Cisco" for product "1160 Integrated Services Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | 4221 Integrated Services Router Search vendor "Cisco" for product "4221 Integrated Services Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | 4321 Integrated Services Router Search vendor "Cisco" for product "4321 Integrated Services Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | 4331 Integrated Services Router Search vendor "Cisco" for product "4331 Integrated Services Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | 4351 Integrated Services Router Search vendor "Cisco" for product "4351 Integrated Services Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | 4431 Integrated Services Router Search vendor "Cisco" for product "4431 Integrated Services Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | 4451-x Integrated Services Router Search vendor "Cisco" for product "4451-x Integrated Services Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | 4461 Integrated Services Router Search vendor "Cisco" for product "4461 Integrated Services Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 1001-hx Search vendor "Cisco" for product "Asr 1001-hx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 1001-x Search vendor "Cisco" for product "Asr 1001-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 1002-hx Search vendor "Cisco" for product "Asr 1002-hx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 1002-x Search vendor "Cisco" for product "Asr 1002-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 1004 Search vendor "Cisco" for product "Asr 1004" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 1006 Search vendor "Cisco" for product "Asr 1006" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 1006-x Search vendor "Cisco" for product "Asr 1006-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 1009-x Search vendor "Cisco" for product "Asr 1009-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 1013 Search vendor "Cisco" for product "Asr 1013" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 9800-40 Search vendor "Cisco" for product "Catalyst 9800-40" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 9800-80 Search vendor "Cisco" for product "Catalyst 9800-80" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 9800-cl Search vendor "Cisco" for product "Catalyst 9800-cl" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 9800-l Search vendor "Cisco" for product "Catalyst 9800-l" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 9800-l-c Search vendor "Cisco" for product "Catalyst 9800-l-c" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 9800-l-f Search vendor "Cisco" for product "Catalyst 9800-l-f" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9200-24p Search vendor "Cisco" for product "Catalyst C9200-24p" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9200-24t Search vendor "Cisco" for product "Catalyst C9200-24t" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9200-48p Search vendor "Cisco" for product "Catalyst C9200-48p" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9200-48t Search vendor "Cisco" for product "Catalyst C9200-48t" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9200l-24p-4g Search vendor "Cisco" for product "Catalyst C9200l-24p-4g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9200l-24p-4x Search vendor "Cisco" for product "Catalyst C9200l-24p-4x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9200l-24pxg-2y Search vendor "Cisco" for product "Catalyst C9200l-24pxg-2y" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9200l-24pxg-4x Search vendor "Cisco" for product "Catalyst C9200l-24pxg-4x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9200l-24t-4g Search vendor "Cisco" for product "Catalyst C9200l-24t-4g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9200l-24t-4x Search vendor "Cisco" for product "Catalyst C9200l-24t-4x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9200l-48p-4g Search vendor "Cisco" for product "Catalyst C9200l-48p-4g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9300-24p Search vendor "Cisco" for product "Catalyst C9300-24p" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9300-24s Search vendor "Cisco" for product "Catalyst C9300-24s" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9300-24t Search vendor "Cisco" for product "Catalyst C9300-24t" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9300-24u Search vendor "Cisco" for product "Catalyst C9300-24u" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9300-24ux Search vendor "Cisco" for product "Catalyst C9300-24ux" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9300-48p Search vendor "Cisco" for product "Catalyst C9300-48p" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9300-48s Search vendor "Cisco" for product "Catalyst C9300-48s" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9300-48t Search vendor "Cisco" for product "Catalyst C9300-48t" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9300-48u Search vendor "Cisco" for product "Catalyst C9300-48u" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9300-48un Search vendor "Cisco" for product "Catalyst C9300-48un" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9300-48uxm Search vendor "Cisco" for product "Catalyst C9300-48uxm" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9300l-24p-4g Search vendor "Cisco" for product "Catalyst C9300l-24p-4g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9300l-24p-4x Search vendor "Cisco" for product "Catalyst C9300l-24p-4x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9300l-24t-4g Search vendor "Cisco" for product "Catalyst C9300l-24t-4g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9300l-24t-4x Search vendor "Cisco" for product "Catalyst C9300l-24t-4x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9300l-48p-4g Search vendor "Cisco" for product "Catalyst C9300l-48p-4g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9300l-48p-4x Search vendor "Cisco" for product "Catalyst C9300l-48p-4x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9300l-48t-4g Search vendor "Cisco" for product "Catalyst C9300l-48t-4g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9300l-48t-4x Search vendor "Cisco" for product "Catalyst C9300l-48t-4x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9404r Search vendor "Cisco" for product "Catalyst C9404r" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9407r Search vendor "Cisco" for product "Catalyst C9407r" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9410r Search vendor "Cisco" for product "Catalyst C9410r" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9500-12q Search vendor "Cisco" for product "Catalyst C9500-12q" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9500-16x Search vendor "Cisco" for product "Catalyst C9500-16x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9500-24q Search vendor "Cisco" for product "Catalyst C9500-24q" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9500-24y4c Search vendor "Cisco" for product "Catalyst C9500-24y4c" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9500-32c Search vendor "Cisco" for product "Catalyst C9500-32c" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9500-32qc Search vendor "Cisco" for product "Catalyst C9500-32qc" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9500-40x Search vendor "Cisco" for product "Catalyst C9500-40x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9500-48y4c Search vendor "Cisco" for product "Catalyst C9500-48y4c" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst C9600 Switch Search vendor "Cisco" for product "Catalyst C9600 Switch" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Cloud Services Router 1000v Search vendor "Cisco" for product "Cloud Services Router 1000v" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | - | - |
Affected
| in | Cisco Search vendor "Cisco" | Integrated Services Virtual Router Search vendor "Cisco" for product "Integrated Services Virtual Router" | - | - |
Safe
|