CVE-2024-20354
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
27/03/2024
Last modified:
13/08/2025
Description
A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device.<br />
<br />
This vulnerability is due to incomplete cleanup of resources when dropping certain malformed frames. An attacker could exploit this vulnerability by connecting as a wireless client to an affected AP and sending specific malformed frames over the wireless connection. A successful exploit could allow the attacker to cause degradation of service to other clients, which could potentially lead to a complete DoS condition.
Impact
Base Score 3.x
4.70
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:* | 8.5.171.0 (including) | 8.6.0.0 (excluding) |
| cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:* | 8.10.130.0 (including) | 8.10.190.81 (excluding) |
| cpe:2.3:h:cisco:aironet_1530e:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_1530i:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_1552h:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_1552s:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_1552wu:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_1700i:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_2700e:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_2700i:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_3700e:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_3700i:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:aironet_3700p:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:ap801:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:ap802:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page