How severe is CVE-2024-20354?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2024-20354?

This is classified as CWE-460, which is a common weakness in software security.

CVE-2024-20354 - MEDIUM Severity | CVSS 4.7

Vulnerability Description

A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to incomplete cleanup of resources when dropping certain malformed frames. An attacker could exploit this vulnerability by connecting as a wireless client to an affected AP and sending specific malformed frames over the wireless connection. A successful exploit could allow the attacker to cause degradation of service to other clients, which could potentially lead to a complete DoS condition.

Related Vulnerabilities

CVE-2019-14891

MEDIUM

CVSS:5.0(Medium)

A flaw was found in cri-o, as a result of all pod-related processes being placed in the same memory cgroup. This can result in container management (conmon) processes being killed if a workload proces...

CWE-4602019

CVE-2020-14304

MEDIUM

CVSS:4.4(Medium)

A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the ke...

CWE-4602020

CVE-2016-9592

MEDIUM

CVSS:4.3(Medium)

openshift before versions 3.3.1.11, 3.2.1.23, 3.4 is vulnerable to a flaw when a volume fails to detach, which causes the delete operation to fail with 'VolumeInUse' error. Since the delete operation ...

CWE-4602016

CVE-2022-3301

MEDIUM

CVSS:4.3(Medium)

Improper Cleanup on Thrown Exception in GitHub repository ikus060/rdiffweb prior to 2.4.8.

CWE-4602022

CVE-2017-15127

MEDIUM

CVSS:5.5(Medium)

A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13. A superfluous implicit page unlock for VM_SHARED hugetlbfs mapping could trigger a local deni...

CWE-4602017

CVE-2022-3707

MEDIUM

CVSS:5.5(Medium)

A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intel_gvt_dma_map_guest_page function. This i...

CWE-4602022