Lucene search

CiscoCISCO-SA-IOSXE-EWLC-DOS-TKUPVMZN

HistoryJun 03, 2020 - 4:00 p.m.

Cisco IOS XE Software Catalyst 9800 Series Wireless Controllers Denial of Service Vulnerability

2020-06-0316:00:00

tools.cisco.com

EPSS

0.002

Percentile

52.7%

JSON

A vulnerability in the locally significant certificate (LSC) provisioning feature of Cisco Catalyst 9800 Series Wireless Controllers that are running Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak that could lead to a denial of service (DoS) condition.

The vulnerability is due to incorrect processing of certain public key infrastructure (PKI) packets. An attacker could exploit this vulnerability by sending crafted Secure Sockets Layer (SSL) packets to an affected device. A successful exploit could cause an affected device to continuously consume memory, which could result in a memory allocation failure that leads to a crash and causes a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ewlc-dos-TkuPVmZN [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ewlc-dos-TkuPVmZN”]

This advisory is part of the June 3, 2020, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 23 Cisco Security Advisories that describe 25 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: June 2020 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [" https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-73388"].

Affected configurations

Vulners

Node

ciscocisco_ios_xe_softwareMatch16.1

ciscocisco_ios_xe_softwareMatch16.2

ciscocisco_ios_xe_softwareMatch16.3

ciscocisco_ios_xe_softwareMatch16.4

ciscocisco_ios_xe_softwareMatch16.5

ciscocisco_ios_xe_softwareMatch16.7

ciscocisco_ios_xe_softwareMatch16.8

ciscocisco_ios_xe_softwareMatch16.10

ciscocisco_ios_xe_softwareMatch16.11

ciscocisco_ios_xe_softwareMatch16.12

ciscocisco_ios_xe_softwareMatch17.1

ciscocisco_ios_xe_softwareMatch16.1.1

ciscocisco_ios_xe_softwareMatch16.1.2

ciscocisco_ios_xe_softwareMatch16.1.3

ciscocisco_ios_xe_softwareMatch16.2.1

ciscocisco_ios_xe_softwareMatch16.2.2

ciscocisco_ios_xe_softwareMatch16.3.1

ciscocisco_ios_xe_softwareMatch16.3.2

ciscocisco_ios_xe_softwareMatch16.3.3

ciscocisco_ios_xe_softwareMatch16.3.1a

ciscocisco_ios_xe_softwareMatch16.3.4

ciscocisco_ios_xe_softwareMatch16.3.5

ciscocisco_ios_xe_softwareMatch16.3.5b

ciscocisco_ios_xe_softwareMatch16.3.6

ciscocisco_ios_xe_softwareMatch16.3.7

ciscocisco_ios_xe_softwareMatch16.3.8

ciscocisco_ios_xe_softwareMatch16.3.9

ciscocisco_ios_xe_softwareMatch16.4.1

ciscocisco_ios_xe_softwareMatch16.4.2

ciscocisco_ios_xe_softwareMatch16.4.3

ciscocisco_ios_xe_softwareMatch16.5.1

ciscocisco_ios_xe_softwareMatch16.5.1a

ciscocisco_ios_xe_softwareMatch16.5.1b

ciscocisco_ios_xe_softwareMatch16.5.2

ciscocisco_ios_xe_softwareMatch16.5.3

ciscocisco_ios_xe_softwareMatch16.7.1

ciscocisco_ios_xe_softwareMatch16.7.2

ciscocisco_ios_xe_softwareMatch16.7.3

ciscocisco_ios_xe_softwareMatch16.8.1

ciscocisco_ios_xe_softwareMatch16.8.1a

ciscocisco_ios_xe_softwareMatch16.8.1b

ciscocisco_ios_xe_softwareMatch16.8.1s

ciscocisco_ios_xe_softwareMatch16.8.1c

ciscocisco_ios_xe_softwareMatch16.8.2

ciscocisco_ios_xe_softwareMatch16.8.3

ciscocisco_ios_xe_softwareMatch16.10.1

ciscocisco_ios_xe_softwareMatch16.10.1a

ciscocisco_ios_xe_softwareMatch16.10.1b

ciscocisco_ios_xe_softwareMatch16.10.1s

ciscocisco_ios_xe_softwareMatch16.10.1e

ciscocisco_ios_xe_softwareMatch16.10.2

ciscocisco_ios_xe_softwareMatch16.10.3

ciscocisco_ios_xe_softwareMatch16.11.1

ciscocisco_ios_xe_softwareMatch16.11.1a

ciscocisco_ios_xe_softwareMatch16.11.1b

ciscocisco_ios_xe_softwareMatch16.11.2

ciscocisco_ios_xe_softwareMatch16.11.1s

ciscocisco_ios_xe_softwareMatch16.11.1c

ciscocisco_ios_xe_softwareMatch16.12.1

ciscocisco_ios_xe_softwareMatch16.12.1s

ciscocisco_ios_xe_softwareMatch16.12.1a

ciscocisco_ios_xe_softwareMatch16.12.1c

ciscocisco_ios_xe_softwareMatch16.12.2

ciscocisco_ios_xe_softwareMatch16.12.2a

ciscocisco_ios_xe_softwareMatch16.12.8

ciscocisco_ios_xe_softwareMatch16.12.9

ciscocisco_ios_xe_softwareMatch16.12.10

ciscocisco_ios_xe_softwareMatch16.12.10a

ciscocisco_ios_xe_softwareMatch16.12.11

ciscocisco_ios_xe_softwareMatch17.1.1

ciscocisco_ios_xe_softwareMatch17.1.1a

VendorProductVersionCPE
ciscocisco_ios_xe_software16.1cpe:2.3:a:cisco:cisco_ios_xe_software:16.1:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.2cpe:2.3:a:cisco:cisco_ios_xe_software:16.2:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.3cpe:2.3:a:cisco:cisco_ios_xe_software:16.3:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.4cpe:2.3:a:cisco:cisco_ios_xe_software:16.4:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.5cpe:2.3:a:cisco:cisco_ios_xe_software:16.5:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.7cpe:2.3:a:cisco:cisco_ios_xe_software:16.7:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.8cpe:2.3:a:cisco:cisco_ios_xe_software:16.8:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.10cpe:2.3:a:cisco:cisco_ios_xe_software:16.10:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.11cpe:2.3:a:cisco:cisco_ios_xe_software:16.11:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.12cpe:2.3:a:cisco:cisco_ios_xe_software:16.12:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	cisco_ios_xe_software	16.1	cpe:2.3:a:cisco:cisco_ios_xe_software:16.1:::::::*
cisco	cisco_ios_xe_software	16.2	cpe:2.3:a:cisco:cisco_ios_xe_software:16.2:::::::*
cisco	cisco_ios_xe_software	16.3	cpe:2.3:a:cisco:cisco_ios_xe_software:16.3:::::::*
cisco	cisco_ios_xe_software	16.4	cpe:2.3:a:cisco:cisco_ios_xe_software:16.4:::::::*
cisco	cisco_ios_xe_software	16.5	cpe:2.3:a:cisco:cisco_ios_xe_software:16.5:::::::*
cisco	cisco_ios_xe_software	16.7	cpe:2.3:a:cisco:cisco_ios_xe_software:16.7:::::::*
cisco	cisco_ios_xe_software	16.8	cpe:2.3:a:cisco:cisco_ios_xe_software:16.8:::::::*
cisco	cisco_ios_xe_software	16.10	cpe:2.3:a:cisco:cisco_ios_xe_software:16.10:::::::*
cisco	cisco_ios_xe_software	16.11	cpe:2.3:a:cisco:cisco_ios_xe_software:16.11:::::::*
cisco	cisco_ios_xe_software	16.12	cpe:2.3:a:cisco:cisco_ios_xe_software:16.12:::::::*