How severe is CVE-2024-20303?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.4 out of 10.

What type of vulnerability is CVE-2024-20303?

This is classified as CWE-459, which is a common weakness in software security.

CVE-2024-20303 - HIGH Severity | CVSS 7.4

Vulnerability Description

A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper management of mDNS client entries. An attacker could exploit this vulnerability by connecting to the wireless network and sending a continuous stream of specific mDNS packets. A successful exploit could allow the attacker to cause the wireless controller to have high CPU utilization, which could lead to access points (APs) losing their connection to the controller and result in a DoS condition.

Related Vulnerabilities

CVE-2002-2066

HIGH

CVSS:7.5(High)

BestCrypt BCWipe 1.0.7 and 2.0 through 2.35.1 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information tha...

CWE-4592002

CVE-2002-2067

HIGH

CVSS:7.5(High)

East-Tec Eraser 2002 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be dele...

CWE-4592002

CVE-2002-2068

HIGH

CVSS:7.5(High)

Eraser 5.3 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.

CWE-4592002

CVE-2002-2069

HIGH

CVSS:7.5(High)

PGP 6.x and 7.x does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.

CWE-4592002

CVE-2002-2070

HIGH

CVSS:7.5(High)

SecureClean 3 build 2.0 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be d...

CWE-4592002

CVE-2017-0303

HIGH

CVSS:7.5(High)

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and 11.5.1 to 11.6.1, under limited circumstances connections hand...

CWE-4592017