cisco

Cisco Aironet Access Point Software

110 Versions 14 CVEs

Versions

Recent CVEs

CVE-2024-20271

A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of certain IPv4 packets. An attacker could exploit this vulnerability by sending a crafted IPv4 packet either to or through an affected device. A successful exploit could allow the attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To successfully exploit this vulnerability, the attacker does not need to be associated with the affected AP. This vulnerability cannot be exploited by sending IPv6 packets.

HIGH Mar 27, 2024

CVE-2024-20265

A vulnerability in the boot process of Cisco Access Point (AP) Software could allow an unauthenticated, physical attacker to bypass the Cisco Secure Boot functionality and load a software image that has been tampered with on an affected device. This vulnerability exists because unnecessary commands are available during boot time at the physical console. An attacker could exploit this vulnerability by interrupting the boot process and executing specific commands to bypass the Cisco Secure Boot validation checks and load an image that has been tampered with. This image would have been previously downloaded onto the targeted device. A successful exploit could allow the attacker to load the image once. The Cisco Secure Boot functionality is not permanently compromised.

MEDIUM Mar 27, 2024

CVE-2023-20176

A vulnerability in the networking component of Cisco access point (AP) software could allow an unauthenticated, remote attacker to cause a temporary disruption of service. This vulnerability is due to overuse of AP resources. An attacker could exploit this vulnerability by connecting to an AP on an affected device as a wireless client and sending a high rate of traffic over an extended period of time. A successful exploit could allow the attacker to cause the Datagram TLS (DTLS) session to tear down and reset, causing a denial of service (DoS) condition.

MEDIUM Sep 27, 2023

CVE-2023-20268

A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device.  This vulnerability is due to insufficient management of resources when handling certain types of traffic. An attacker could exploit this vulnerability by sending a series of specific wireless packets to an affected device. A successful exploit could allow the attacker to consume resources on an affected device. A sustained attack could lead to the disruption of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel and intermittent loss of wireless client traffic.

MEDIUM Sep 27, 2023

Cisco Aironet Access Point Software

Versions

8.7.1.16

8.3.104.37

8.6.1.70

8.3.15.117

8.3.133.0

8.10.181.0

8.8.120.0

8.10.185.0

8.3.15.169

8.8.130.0

8.6.1.84

8.3.140.0

8.10.180.0

8.3.90.36

8.5.101.0

8.10.151.0

8.3.112.0

8.2.161.0

8.5.140.0

8.3.90.58

8.8.111.0

8.4.2.75

8.3.15.25

8.5.131.0

8.3.15.142

8.5.103.0

8.3.150.0

8.10.170.0

8.10.141.0

8.4.1.218

8.2.111.0

8.4.1.142

8.10.182.0

8.2.164.0

8.3.143.0

8.5.120.0

8.3.132.0

8.5.151.0

8.7.102.0

8.3.104.64

8.2.160.0

8.5.160.0

8.10.162.0

8.4.1.91

8.5

8.10.171.0

8.3.108.0

8.7.106.0

8.5.100.0

8.6.101.0

8.5.182.11 ME

8.3.122.0

8.3.90.53

8.3.90.25

8.5.161.0

8.4.100.0

8.3.15.165

8.3.104.14

8.3.200.200

8.5.135.0

8.2.110.0

8.9.100.0

8.8.100.0

8.2.151.0

8.2.141.0

8.10.161.0

8.3.102.0

8.3.121.0

8.3.15.158

8.3.141.0

8.2.170.0

8.3.15.120

8.6.1.71

8.8.125.0

8.10.122.0

8.9.111.0

8.5.110.0

8.2.166.0