CVE-2020-26139

An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.

Severity	MEDIUM
CVSS	5.3
CWE	CWE-287
KEV
Published	5 years ago
Modified	1 month ago

Related Products

Product	Advisory	Evidence
Cisco Webex Room Phone	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco TelePresence Endpoint Software (TC/CE)	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco TelePresence	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco IP phone	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco IP Phones with Multiplatform Firmware	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco Business Wireless Access Point Software	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco Aironet Access Point Software (IOS XE Controller)	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco Aironet Access Point Software	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln