CVE-2020-3221

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers (affected versions not specified)

Description The issue is related to insufficient validation of input data in the Flexible NetFlow Version 9 packet processor. This could allow a remote attacker to cause a denial of service (DoS) condition on an affected device by sending a malformed Flexible NetFlow Version 9 packet to the Control and Provisioning of Wireless Access Points (CAPWAP) data port. The exploit could trigger an infinite loop, resulting in a process crash that would cause a reload of the device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.