What is CVE-2019-15264?

CVE-2019-15264 is a high-severity vulnerability in Cisco Aironet Access Point Software, classified under Uncontrolled Resource Consumption. CVSS score: 7.4/10. Published 2019-10-16.

How severe is CVE-2019-15264?

High severity. CVSS v3 base score is 7.4 out of 10.

Resource exhaustion in Cisco Aironet Access Point Software

CVE-2019-15264

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation of Cisco Aironet and Catalyst 9100 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an affected device…

Vulnerability class: DoS (Denial of Service)

EPSS: 0.003 (55.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.4 (High). Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H.

Affected products

Cisco Aironet Access Point Software — versions unspecified

Weakness classification (CWE)

CWE-400 — Uncontrolled Resource Consumption

References

20191016 Cisco Aironet Access Points and Catalyst 9100 Access Points CAPWAP Denial of Service Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2019-15264?: CVE-2019-15264 is a high-severity vulnerability in Cisco Aironet Access Point Software, classified under Uncontrolled Resource Consumption. CVSS score: 7.4/10. Published 2019-10-16.
How severe is CVE-2019-15264?: High severity. CVSS v3 base score is 7.4 out of 10.