admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-203xx/CVE-2024-20303.json
cad-safe-bot 0c245865ae Auto-Update: 2025-01-26T03:00:19.791548+00:00
2025-01-26 03:03:52 +00:00

64 lines
3.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-20303",
"sourceIdentifier": "psirt@cisco.com",
"published": "2024-03-27T17:15:51.880",
"lastModified": "2024-11-21T08:52:18.157",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition.\r\n\r This vulnerability is due to improper management of mDNS client entries. An attacker could exploit this vulnerability by connecting to the wireless network and sending a continuous stream of specific mDNS packets. A successful exploit could allow the attacker to cause the wireless controller to have high CPU utilization, which could lead to access points (APs) losing their connection to the controller and result in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n de puerta de enlace DNS de multidifusi\u00f3n (mDNS) del software Cisco IOS XE para controladores de LAN inal\u00e1mbrica (WLC) podr\u00eda permitir que un atacante adyacente no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a una gesti\u00f3n inadecuada de las entradas del cliente mDNS. Un atacante podr\u00eda aprovechar esta vulnerabilidad conect\u00e1ndose a la red inal\u00e1mbrica y enviando un flujo continuo de paquetes mDNS espec\u00edficos. Un exploit exitoso podr\u00eda permitir que el atacante haga que el controlador inal\u00e1mbrico tenga una alta utilizaci\u00f3n de la CPU, lo que podr\u00eda llevar a que los puntos de acceso (AP) pierdan su conexi\u00f3n con el controlador y resulte en una condici\u00f3n DoS."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "psirt@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-459"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-mdns-dos-4hv6pBGf",
"source": "psirt@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-mdns-dos-4hv6pBGf",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink