CVE-2020-3203

Name of the Vulnerable Software and Affected Versions Cisco Catalyst 9800 Series Wireless Controllers running Cisco IOS XE Software (affected versions not specified)

Description A vulnerability in the locally significant certificate (LSC) provisioning feature could allow an unauthenticated, remote attacker to cause a memory leak that could lead to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain public key infrastructure (PKI) packets. An attacker could exploit this vulnerability by sending crafted Secure Sockets Layer (SSL) packets to an affected device. A successful exploit could cause an affected device to continuously consume memory, which could result in a memory allocation failure that leads to a crash and causes a DoS condition.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.