CVE-2020-3359

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers (affected versions not specified) Cisco IOS XE Software for Cisco Catalyst 9000 Series (affected versions not specified)

Description: The issue is related to insufficient validation of input data in the multicast DNS (mDNS) feature, which could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition by sending a crafted mDNS packet to an affected device. A successful exploit could cause a device to reload, resulting in a DoS condition.

Recommendations: For Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers, update to a version that includes the fix for this issue. For Cisco IOS XE Software for Cisco Catalyst 9000 Series, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the mDNS feature until a patch is available. Note: Cisco has released software updates that address this vulnerability, and there are no workarounds that address this vulnerability.