CVE-2020-3559 MEDIUM

CVE-2020-3559: Cisco Aironet Access Point Authentication Flood Denial of Service Vulnerability

Vendor Cisco
Product Cisco Aironet Access Point Software
Weakness CWE-400
Published September 24, 2020
Last update November 13, 2024

CVSS base score

6.8/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

What the vulnerability does

01Description

A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.

Key dates

02Disclosure timeline

September 24, 2020 CVE published
November 13, 2024 Record updated