Vulnerabilities > Cisco > Aironet 3800 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-11 | CVE-2020-24587 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. | 2.6 |
| 2021-05-11 | CVE-2020-26139 | Improper Authentication vulnerability in multiple products An issue was discovered in the kernel in NetBSD 7.1. | 5.3 |
| 2021-05-11 | CVE-2020-26140 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. | 6.5 |
| 2019-10-16 | CVE-2019-15265 | Improper Input Validation vulnerability in Cisco products A vulnerability in the bridge protocol data unit (BPDU) forwarding functionality of Cisco Aironet Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an AP port to go into an error disabled state. | 6.5 |
| 2019-10-16 | CVE-2019-15264 | Resource Exhaustion vulnerability in Cisco products A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation of Cisco Aironet and Catalyst 9100 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. | 6.5 |
| 2019-10-16 | CVE-2019-15260 | Unspecified vulnerability in Cisco products A vulnerability in Cisco Aironet Access Points (APs) Software could allow an unauthenticated, remote attacker to gain unauthorized access to a targeted device with elevated privileges. | 9.8 |
| 2017-11-02 | CVE-2017-12283 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Aironet 3800 Firmware A vulnerability in the handling of 802.11w Protected Management Frames (PAF) by Cisco Aironet 3800 Series Access Points could allow an unauthenticated, adjacent attacker to terminate a valid user connection to an affected device, aka Denial of Service. | 6.1 |
| 2017-11-02 | CVE-2017-12281 | Improper Authentication vulnerability in Cisco products A vulnerability in the implementation of Protected Extensible Authentication Protocol (PEAP) functionality for standalone configurations of Cisco Aironet 1800, 2800, and 3800 Series Access Points could allow an unauthenticated, adjacent attacker to bypass authentication and connect to an affected device. | 7.5 |
| 2017-11-02 | CVE-2017-12274 | Improper Input Validation vulnerability in Cisco products A vulnerability in Extensible Authentication Protocol (EAP) ingress frame processing for the Cisco Aironet 1560, 2800, and 3800 Series Access Points could allow an unauthenticated, Layer 2 radio frequency (RF) adjacent attacker to cause the Access Point (AP) to reload, resulting in a denial of service (DoS) condition. | 6.5 |
| 2017-11-02 | CVE-2017-12273 | Improper Input Validation vulnerability in Cisco products A vulnerability in 802.11 association request frame processing for the Cisco Aironet 1560, 2800, and 3800 Series Access Points could allow an unauthenticated, Layer 2 radio frequency (RF) adjacent attacker to cause the Access Point (AP) to reload, resulting in a denial of service (DoS) condition. | 6.5 |