CVE-2020-24586 (GCVE-0-2020-24586)
Vulnerability from cvelistv5 – Published: 2021-05-11 00:00 – Updated: 2024-08-04 15:19 – n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:19:08.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
},
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-01T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
},
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"url": "https://www.fragattacks.com"
},
{
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-24586",
"datePublished": "2021-05-11T00:00:00.000Z",
"dateReserved": "2020-08-21T00:00:00.000Z",
"dateUpdated": "2024-08-04T15:19:08.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-24586",
"date": "2026-06-04",
"epss": "0.01457",
"percentile": "0.8117"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-24586\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2021-05-11T20:15:08.537\",\"lastModified\":\"2024-11-21T05:15:03.803\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.\"},{\"lang\":\"es\",\"value\":\"El est\u00e1ndar 802.11 que sustenta a Wi-Fi Protected Access (WPA, WPA2, y WPA3) y Wired Equivalent Privacy (WEP) no requiere que los fragmentos recibidos se borren de la memoria despu\u00e9s de (re)conectarse a una red.\u0026#xa0;En las circunstancias adecuadas, cuando otro dispositivo env\u00eda tramas fragmentadas cifradas mediante WEP, CCMP o GCMP, se puede abusar de esto para inyectar paquetes de red arbitrarios y/o exfiltrar datos del 
usuario\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N\",\"baseScore\":3.5,\"baseSeverity\":\"LOW\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.1,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":2.9,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":5.5,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ieee:ieee_802.11:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA94FAA4-9BBF-402D-8B33-20A5E8AAFC5D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linux:mac80211:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20B7EA3B-CCBA-4483-9BDD-DC8ED8689A22\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{
\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-250_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.1-31\",\"matchCriteriaId\":\"B22D5837-A2CC-41AB-8252-1724345AEDC5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-250:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE97F0AD-8658-476A-8E22-DA67A5FD9F73\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-260_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.1-31\",\"matchCriteriaId\":\"4180BE58-3CA0-4FFD-B5BE-44E36FDE5F89\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-260:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A006A8BD-D56E-40C2-ADD2-C11759153808\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-230_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.1-31\",\"matchCriteriaId\":\"59BE4F3A-477A-4DE9-B293-F2AF2CCED9A3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-230:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29B18F4E-4968-493A-BC90-5D8D7F619F39\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-235_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.1-31\",\"matchCriteriaId\":\"96A0A5F0-B046-4B53-92BC-D21705B1597C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-235:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54878C0D-8842-490F-B556-76AF47A65891\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-200_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.0.0-36\",\
"matchCriteriaId\":\"C62FEC63-9790-44DF-8AA0-050E89E883B1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F81C550-CE6F-4E68-A088-5EC0CEF40600\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ax210_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.30.0.11\",\"matchCriteriaId\":\"1C073E29-FABA-4A07-A833-0E0A2CA5C9F4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ax210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F226D74C-4A48-4AC0-A565-A00D555E27D6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ax201_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.30.0.11\",\"matchCriteriaId\":\"3A5420D2-2979-4BA7-8BF5-2F522CCE3C74\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ax201:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4649D446-130B-4B31-B9ED-BA7F9F7EEB8F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ax200_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.30.0.11\",\"matchCriteriaId\":\"7EC9FE51-D078-41C0-80DB-21820AD151C2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ax200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9903E2E-A670-40D4-8B9F-D2C0CFDBFC9F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_9560_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.30.0.11\",\"matchCriteriaId\":\"D239D907-FE04-4E02-B4BF-7F0A24CCC781\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnera
ble\":false,\"criteria\":\"cpe:2.3:h:intel:ac_9560:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D382D4A1-C8FD-4B47-B2C4-145232EC8AC5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_9462_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.30.0.11\",\"matchCriteriaId\":\"EDD21C53-CCBA-43FD-9DF7-A087705EC26E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_9462:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E89EB0D-233A-486A-BDAE-F5726432CD7E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_9461_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.30.0.11\",\"matchCriteriaId\":\"19F30CC4-1D90-4298-BE72-307F8CD9C8E4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_9461:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A11E55E8-5FA9-4ED7-AB61-03F22EE1759B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_9260_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.30.0.11\",\"matchCriteriaId\":\"F8D25023-2C51-4186-BEE6-0C1096181C7C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_9260:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2795E42-D044-4D48-BCB2-61CC1A3471B1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_8265_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"20.70.21.2\",\"matchCriteriaId\":\"1091737E-15B8-4F29-AFC7-DAB19B4736DB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_8265:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C08E2F3E-C4B5-4227-A8
8D-C50E209A12CF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_8260_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"20.70.21.2\",\"matchCriteriaId\":\"33EF2DC9-CD1E-43C1-88AF-9E83E2E4EC81\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_8260:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5A8F30C-6BB7-4CC6-ADBE-1859DAF66C58\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_3168_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"19.51.33.1\",\"matchCriteriaId\":\"9F779EAF-1408-4994-9701-CE24AC5FB8A9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_3168:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED5B2BCE-2D8A-440C-B866-76E035314022\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_7265_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"19.51.33.1\",\"matchCriteriaId\":\"FE6B04BC-69A8-469C-8364-F8CA6F5B09D2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_7265:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F9F1CE7-8F14-4526-A857-7B954EC4BB6F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_3165_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"19.51.33.1\",\"matchCriteriaId\":\"42A7C347-86AF-4397-B227-C636D352CB87\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_3165:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"197A3DA1-B8EF-438F-B933-32253C43C8EE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"v
ulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ax1675_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DAB2B67-5C39-4438-8E36-3F740A697599\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ax1675:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F407ACA-0952-4717-A302-2D5CEB6DB111\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ax1650_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B39FB813-1EC0-4B5C-B8CB-F5129DBF94C2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ax1650:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8B944F7-4A5F-41D0-A910-6F978F66CAA0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_1550_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A66D96C8-7C0D-4615-B825-A15DBB37B920\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_1550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12419474-DB56-462D-9116-3614A4BBAF20\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.4\",\"versionEndExcluding\":\"4.4.271\",\"matchCriteriaId\":\"C2C083CF-3D4D-4AF0-8461-835F6AC264CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.9\",\"versionEndExcluding\":\"4.9.271\",\"matchCriteriaId\":\"11580478-2F79-45B8-9BC0-FEF28259A4F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.14\",\"versionEndExcluding\":\"4.14.235\",\"matchCriteriaId\":\"970E3D3C-8829-4599-95A7-AC63136CE48E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",
\"versionStartIncluding\":\"4.19\",\"versionEndExcluding\":\"4.19.193\",\"matchCriteriaId\":\"FC7D3563-5878-403A-9BB7-6C44E6FE10A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.4\",\"versionEndExcluding\":\"5.4.124\",\"matchCriteriaId\":\"01D49B11-5E8A-427F-B9BE-8A5174DEDD65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.10\",\"versionEndExcluding\":\"5.10.42\",\"matchCriteriaId\":\"B39B1E70-2AF7-4482-9ADF-45A1C04A4BC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.12\",\"versionEndExcluding\":\"5.12.9\",\"matchCriteriaId\":\"3B1CFA77-6B5E-430C-AC49-3B3508F2D903\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2021/05/11/12\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.fragattacks.com\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party 
Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/05/11/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.fragattacks.com\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
CERTFR-2021-AVI-535
Vulnerability from certfr_avis - Published: 2021-07-16 - Updated: 2021-07-16
Multiple vulnerabilities have been discovered in the SUSE Linux kernel. Some of them allow an attacker to cause arbitrary code execution, a security policy bypass and a compromise of data integrity.
Solution
Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).
| Vendor | Product | Description |
|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Module for Basesystem 15-SP2 |
| SUSE | N/A | SUSE Linux Enterprise High Availability 15-SP3 |
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP3 |
| SUSE | N/A | SUSE Linux Enterprise Debuginfo 11-SP4 |
| SUSE | N/A | SUSE Linux Enterprise Module for Basesystem 15-SP3 |
| SUSE | N/A | SUSE Linux Enterprise High Availability 12-SP5 |
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 11-SP4-LTSS |
| SUSE | N/A | SUSE Linux Enterprise Module for Development Tools 15-SP3 |
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP5 |
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time Extension 12-SP5 |
| SUSE | N/A | SUSE Linux Enterprise Software Development Kit 12-SP5 |
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP5 |
| SUSE | N/A | SUSE MicroOS 5.0 |
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP1 |
| SUSE | N/A | SUSE Linux Enterprise Module for Legacy Software 15-SP2 |
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15-SP3 |
| SUSE | N/A | SUSE Linux Enterprise High Availability 15-SP2 |
| SUSE | N/A | SUSE Linux Enterprise Module for Development Tools 15-SP2 |
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15 |
| SUSE | N/A | SUSE Linux Enterprise Module for Legacy Software 15-SP3 |
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15-SP2 |
| SUSE | N/A | SUSE Linux Enterprise Module for Public Cloud 15-SP2 |
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP2 |
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP4 |
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 11-EXTRA |
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 12-SP5 |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Module for Basesystem 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Debuginfo 11-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Basesystem 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 11-SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Development Tools 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time Extension 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Software Development Kit 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE MicroOS 5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Legacy Software 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Development Tools 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Legacy Software 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Public Cloud 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 11-EXTRA",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-26139",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26139"
},
{
"name": "CVE-2020-24587",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24587"
},
{
"name": "CVE-2021-34693",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34693"
},
{
"name": "CVE-2021-29154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29154"
},
{
"name": "CVE-2020-36385",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36385"
},
{
"name": "CVE-2021-0605",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0605"
},
{
"name": "CVE-2021-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3573"
},
{
"name": "CVE-2020-24588",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24588"
},
{
"name": "CVE-2021-23133",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23133"
},
{
"name": "CVE-2019-25045",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25045"
},
{
"name": "CVE-2020-24586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24586"
},
{
"name": "CVE-2021-0129",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0129"
},
{
"name": "CVE-2020-36386",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36386"
},
{
"name": "CVE-2021-0512",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0512"
},
{
"name": "CVE-2020-26558",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26558"
},
{
"name": "CVE-2021-33624",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33624"
},
{
"name": "CVE-2021-32399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32399"
}
],
"initial_release_date": "2021-07-16T00:00:00",
"last_revision_date": "2021-07-16T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-535",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-07-16T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, un contournement de la politique de\ns\u00e9curit\u00e9 et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212324-1 du 14 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212324-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212349-1 du 14 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212349-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212361-1 du 15 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212361-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212344-1 du 14 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212344-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212367-1 du 15 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212367-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212352-1 du 15 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212352-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212372-1 du 15 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212372-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212325-1 du 14 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212325-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212366-1 du 15 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212366-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212368-1 du 15 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212368-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212332-1 du 14 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212332-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212303-1 du 13 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212303-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-202114764-1 du 13 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-202114764-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212321-1 du 14 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212321-1/"
}
]
}
CERTFR-2021-AVI-552
Vulnerability from certfr_avis - Published: 2021-07-21 - Updated: 2021-07-21
Multiple vulnerabilities have been discovered in the Ubuntu Linux kernel. They allow an attacker to cause arbitrary code execution, a denial of service and a breach of data confidentiality.
Solution
Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 21.04",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-26139",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26139"
},
{
"name": "CVE-2020-24587",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24587"
},
{
"name": "CVE-2021-33034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33034"
},
{
"name": "CVE-2021-3587",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3587"
},
{
"name": "CVE-2021-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3573"
},
{
"name": "CVE-2021-3506",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3506"
},
{
"name": "CVE-2020-24586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24586"
},
{
"name": "CVE-2021-0129",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0129"
},
{
"name": "CVE-2021-33909",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33909"
},
{
"name": "CVE-2021-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3564"
},
{
"name": "CVE-2020-26558",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26558"
},
{
"name": "CVE-2020-26147",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26147"
},
{
"name": "CVE-2021-23134",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23134"
},
{
"name": "CVE-2021-32399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32399"
},
{
"name": "CVE-2021-33200",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33200"
},
{
"name": "CVE-2021-31829",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31829"
},
{
"name": "CVE-2021-28691",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28691"
}
],
"initial_release_date": "2021-07-21T00:00:00",
"last_revision_date": "2021-07-21T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-552",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-07-21T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire, un d\u00e9ni de service et une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5014-1 du 20 juillet 2021",
"url": "https://ubuntu.com/security/notices/USN-5014-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5016-1 du 20 juillet 2021",
"url": "https://ubuntu.com/security/notices/USN-5016-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5017-1 du 20 juillet 2021",
"url": "https://ubuntu.com/security/notices/USN-5017-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5018-1 du 20 juillet 2021",
"url": "https://ubuntu.com/security/notices/USN-5018-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5015-1 du 20 juillet 2021",
"url": "https://ubuntu.com/security/notices/USN-5015-1"
}
]
}
CERTFR-2021-AVI-563
Vulnerability from certfr_avis - Published: 2021-07-22 - Updated: 2021-07-22
Multiple vulnerabilities have been discovered in the SUSE Linux kernel. Some of them allow an attacker to cause arbitrary code execution, a denial of service and a breach of data integrity.
Solution
Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Module for Basesystem 15-SP2 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP4-LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP3-LTSS | ||
| SUSE | N/A | SUSE CaaS Platform 4.0 | ||
| SUSE | N/A | SUSE OpenStack Cloud Crowbar 9 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Realtime 15-SP2 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-ESPOS | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS | ||
| SUSE | N/A | SUSE MicroOS 5.0 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 12-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 15-SP1 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.0 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Legacy Software 15-SP2 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.0 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP1-BCL | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Development Tools 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP1-LTSS | ||
| SUSE | N/A | SUSE OpenStack Cloud 9 | ||
| SUSE | N/A | SUSE Enterprise Storage 6 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 15 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.0 |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Module for Basesystem 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE CaaS Platform 4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Realtime 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE MicroOS 5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 12-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 15-SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.0",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Legacy Software 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.0",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP1-BCL",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Development Tools 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud 9",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Enterprise Storage 6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 12-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 15",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.0",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-26139",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26139"
},
{
"name": "CVE-2020-24587",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24587"
},
{
"name": "CVE-2021-33034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33034"
},
{
"name": "CVE-2021-34693",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34693"
},
{
"name": "CVE-2020-36385",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36385"
},
{
"name": "CVE-2021-0605",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0605"
},
{
"name": "CVE-2021-35039",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35039"
},
{
"name": "CVE-2021-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3573"
},
{
"name": "CVE-2020-24588",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24588"
},
{
"name": "CVE-2021-23133",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23133"
},
{
"name": "CVE-2020-24586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24586"
},
{
"name": "CVE-2021-0129",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0129"
},
{
"name": "CVE-2020-36386",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36386"
},
{
"name": "CVE-2021-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3609"
},
{
"name": "CVE-2021-0512",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0512"
},
{
"name": "CVE-2021-33909",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33909"
},
{
"name": "CVE-2020-26558",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26558"
},
{
"name": "CVE-2021-22555",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22555"
},
{
"name": "CVE-2021-33624",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33624"
},
{
"name": "CVE-2020-26147",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26147"
},
{
"name": "CVE-2021-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3612"
},
{
"name": "CVE-2020-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26141"
},
{
"name": "CVE-2021-23134",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23134"
},
{
"name": "CVE-2021-32399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32399"
},
{
"name": "CVE-2021-3491",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3491"
},
{
"name": "CVE-2021-33200",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33200"
},
{
"name": "CVE-2020-26145",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26145"
}
],
"initial_release_date": "2021-07-22T00:00:00",
"last_revision_date": "2021-07-22T00:00:00",
"links": [
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-24586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24586"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2021-33034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33034"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2021-33624",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33624"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2021-22555",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22555"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2021-33200",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33200"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2021-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3612"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2021-34693",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34693"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212427-1 du 21 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212427-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212422-1 du 21 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212422-1/"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-26558",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26558"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212421-1 du 21 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212421-1/"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-24587",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24587"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26141"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2021-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3573"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-26147",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26147"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-26139",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26139"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2021-3491",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3491"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2021-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3609"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2021-0605",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0605"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2021-35039",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35039"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2021-23134",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23134"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212426-1 du 21 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212426-1/"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2021-33909",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33909"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2021-0512",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0512"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-24588",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24588"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212433-1 du 21 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212433-1"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-26145",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26145"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2021-32399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32399"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2021-0129",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0129"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2021-23133",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23133"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-36385",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36385"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-36386",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36386"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212438-1 du 21 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212438-1/"
}
],
"reference": "CERTFR-2021-AVI-563",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-07-22T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, un d\u00e9ni de service et une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": []
}
CERTFR-2021-AVI-570
Vulnerability from certfr_avis - Published: 2021-07-23 - Updated: 2021-07-23
Multiple vulnerabilities have been discovered in the SUSE Linux kernel. Some of them allow an attacker to cause arbitrary code execution, a denial of service, a breach of data integrity and a breach of data confidentiality.
Solution
Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP3-BCL | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP3-LTSS | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 12-SP3 | ||
| SUSE | N/A | HPE Helion Openstack 8 | ||
| SUSE | N/A | SUSE OpenStack Cloud 8 | ||
| SUSE | N/A | SUSE OpenStack Cloud Crowbar 8 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 12-SP3 |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 12-SP3-BCL",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 12-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "HPE Helion Openstack 8",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud 8",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud Crowbar 8",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 12-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-26139",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26139"
},
{
"name": "CVE-2020-24587",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24587"
},
{
"name": "CVE-2021-33034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33034"
},
{
"name": "CVE-2021-34693",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34693"
},
{
"name": "CVE-2020-36385",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36385"
},
{
"name": "CVE-2021-0605",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0605"
},
{
"name": "CVE-2020-24588",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24588"
},
{
"name": "CVE-2021-23133",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23133"
},
{
"name": "CVE-2020-24586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24586"
},
{
"name": "CVE-2021-0129",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0129"
},
{
"name": "CVE-2020-36386",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36386"
},
{
"name": "CVE-2021-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3609"
},
{
"name": "CVE-2021-0512",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0512"
},
{
"name": "CVE-2021-33909",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33909"
},
{
"name": "CVE-2020-26558",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26558"
},
{
"name": "CVE-2021-22555",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22555"
},
{
"name": "CVE-2020-26147",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26147"
},
{
"name": "CVE-2020-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26141"
},
{
"name": "CVE-2021-23134",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23134"
},
{
"name": "CVE-2021-32399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32399"
},
{
"name": "CVE-2020-26145",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26145"
}
],
"initial_release_date": "2021-07-23T00:00:00",
"last_revision_date": "2021-07-23T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-570",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-07-23T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, un d\u00e9ni de service, une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212453-1 du 22 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212453-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212451-1 du 22 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212451-1/"
}
]
}
CERTFR-2021-AVI-864
Vulnerability from certfr_avis - Published: 2021-11-12 - Updated: 2021-11-12
Multiple vulnerabilities have been discovered in the Red Hat Linux kernel. Some of them allow an attacker to cause a security problem not specified by the vendor, a denial of service and a security policy bypass.
Solution
Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, little endian 8 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems 8 s390x | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for x86_64 8 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time 8 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for ARM 64 8 aarch64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for ARM 64 8 aarch64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time for NFV 8 x86_64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for x86_64 8 x86_64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le | ||
| Red Hat | N/A | Red Hat Virtualization Host 4 for RHEL 8 x86_64 |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Red Hat Enterprise Linux for Power, little endian 8 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for IBM z Systems 8 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for x86_64 8 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time 8 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for ARM 64 8 aarch64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for ARM 64 8 aarch64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time for NFV 8 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for x86_64 8 x86_64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Virtualization Host 4 for RHEL 8 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-29368",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29368"
},
{
"name": "CVE-2020-26139",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26139"
},
{
"name": "CVE-2021-20239",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20239"
},
{
"name": "CVE-2020-24587",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24587"
},
{
"name": "CVE-2021-3600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3600"
},
{
"name": "CVE-2020-27777",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27777"
},
{
"name": "CVE-2021-3679",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3679"
},
{
"name": "CVE-2021-31440",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31440"
},
{
"name": "CVE-2020-29660",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29660"
},
{
"name": "CVE-2020-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26146"
},
{
"name": "CVE-2020-26143",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26143"
},
{
"name": "CVE-2021-31916",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31916"
},
{
"name": "CVE-2021-3635",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3635"
},
{
"name": "CVE-2021-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3573"
},
{
"name": "CVE-2020-24504",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24504"
},
{
"name": "CVE-2020-24588",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24588"
},
{
"name": "CVE-2021-28971",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28971"
},
{
"name": "CVE-2021-23133",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23133"
},
{
"name": "CVE-2020-26140",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26140"
},
{
"name": "CVE-2021-3659",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3659"
},
{
"name": "CVE-2020-24586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24586"
},
{
"name": "CVE-2020-24502",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24502"
},
{
"name": "CVE-2021-0129",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0129"
},
{
"name": "CVE-2020-36158",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36158"
},
{
"name": "CVE-2020-36386",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36386"
},
{
"name": "CVE-2020-26144",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26144"
},
{
"name": "CVE-2021-28950",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28950"
},
{
"name": "CVE-2021-29650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29650"
},
{
"name": "CVE-2021-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3564"
},
{
"name": "CVE-2021-3489",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3489"
},
{
"name": "CVE-2020-24503",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24503"
},
{
"name": "CVE-2021-3348",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3348"
},
{
"name": "CVE-2021-20194",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20194"
},
{
"name": "CVE-2020-26147",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26147"
},
{
"name": "CVE-2021-3732",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3732"
},
{
"name": "CVE-2021-29155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29155"
},
{
"name": "CVE-2020-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26141"
},
{
"name": "CVE-2021-33200",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33200"
},
{
"name": "CVE-2021-31829",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31829"
},
{
"name": "CVE-2020-0427",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0427"
},
{
"name": "CVE-2021-29646",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29646"
},
{
"name": "CVE-2020-26145",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26145"
}
],
"initial_release_date": "2021-11-12T00:00:00",
"last_revision_date": "2021-11-12T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-864",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-11-12T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nRed Hat. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Red Hat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2021:4356 du 10 novembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:4356"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2021:4140 du 09 novembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
}
]
}
CERTFR-2022-AVI-075
Vulnerability from certfr_avis - Published: 2022-01-24 - Updated: 2022-01-24
Multiple vulnerabilities have been discovered in SonicWall products. They allow an attacker to compromise data integrity and data confidentiality.
Solution
Refer to the vendor's security bulletin to obtain the fixes (see the Documentation section).
- SonicWall TZs TZ270W, TZ370W, TZ470W and TZ570W versions prior to 7.0.1-5024
- SonicWave APs GEN7/WNM 231o, 231c, 224w, 432o, 432e and 432i versions prior to 9.2.3.6_2
- SonicWave APs GEN6 UTM 231o, 231c, 224w, 432o, 432e and 432i versions prior to 9.2.3.0_49
- SOHO250W, no fix provided by the vendor
- SonicPoint APs ACe, ACi and N2, no fix provided by the vendor
- SonicWall TZs TZ300W and TZ400W, no fix provided by the vendor
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cul\u003e \u003cli\u003eSonicWall TZs TZ270W, TZ370W, TZ470W et TZ570W versions ant\u00e9rieures \u00e0 7.0.1-5024\u003c/li\u003e \u003cli\u003eSonicWave APs GEN7/WNM 231o, 231c, 224w, 432o, 432e et 432i versions ant\u00e9rieures \u00e0 9.2.3.6_2\u003c/li\u003e \u003cli\u003eSonicWave APs GEN6 UTM 231o, 231c, 224w, 432o, 432e et 432i versions ant\u00e9rieures \u00e0 9.2.3.0_49\u003c/li\u003e \u003c/ul\u003e \u003cul\u003e \u003cli\u003eSOHO250W, pas de correctif propos\u00e9 par l\u0027\u00e9diteur\u003c/li\u003e \u003cli\u003eSonicPoint APs ACe, ACi et N2, pas de correctif propos\u00e9 par l\u0027\u00e9diteur\u003c/li\u003e \u003cli\u003eSonicWall TZs TZ300W et TZ400W, pas de correctif propos\u00e9 par l\u0027\u00e9diteur\u003c/li\u003e \u003c/ul\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-24587",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24587"
},
{
"name": "CVE-2020-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26146"
},
{
"name": "CVE-2020-26143",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26143"
},
{
"name": "CVE-2020-24588",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24588"
},
{
"name": "CVE-2020-26140",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26140"
},
{
"name": "CVE-2020-24586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24586"
},
{
"name": "CVE-2020-26147",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26147"
}
],
"initial_release_date": "2022-01-24T00:00:00",
"last_revision_date": "2022-01-24T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-075",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-01-24T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSonicWall. Elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SonicWall",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SonicWall SNWLID-2021-0015 du 21 janvier 2022",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0015"
}
]
}
CERTFR-2022-AVI-706
Vulnerability from certfr_avis - Published: 2022-08-04 - Updated: 2022-08-04
Multiple vulnerabilities have been discovered in Belden products. They allow an attacker to cause a denial of service and to compromise data confidentiality.
Solution
Refer to the vendor's security bulletin to obtain the fixes (see the Documentation section).
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "BAT-C2 versions ant\u00e9rieures \u00e0 09.12.01.00R01",
"product": {
"name": "N/A",
"vendor": {
"name": "Belden",
"scada": true
}
}
},
{
"description": "OpenBAT, WLC, BAT450 versions ant\u00e9rieures \u00e0 10.12-RU6, 10.12-RU7",
"product": {
"name": "N/A",
"vendor": {
"name": "Belden",
"scada": true
}
}
},
{
"description": "EagleSDV versions ant\u00e9rieures \u00e0 05.4.02",
"product": {
"name": "N/A",
"vendor": {
"name": "Belden",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-261471",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-261471"
},
{
"name": "CVE-2020-24587",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24587"
},
{
"name": "CVE-2020-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26146"
},
{
"name": "CVE-2020-24588",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24588"
},
{
"name": "CVE-2020-24586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24586"
},
{
"name": "CVE-2020-26144",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26144"
},
{
"name": "CVE-2020-26142",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26142"
},
{
"name": "CVE-2020-26147",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26147"
},
{
"name": "CVE-2020-26145",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26145"
}
],
"initial_release_date": "2022-08-04T00:00:00",
"last_revision_date": "2022-08-04T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-706",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-08-04T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nBelden. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service\net une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Belden",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Belden BSECV-2022-13 du 01 ao\u00fbt 2022",
"url": "https://dam.belden.com/dmm3bwsv3/assetstream.aspx?assetid=14662\u0026mediaformatid=50063\u0026destinationid=10016"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Belden BSECV-2021-16 du 01 ao\u00fbt 2022",
"url": "https://dam.belden.com/dmm3bwsv3/assetstream.aspx?assetid=14146\u0026mediaformatid=50063\u0026destinationid=10016"
}
]
}
CISCO-SA-WIFI-FAF-22EPCEWU
Vulnerability from csaf_cisco - Published: 2021-05-11 18:00 - Updated: 2021-12-15 15:47

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Cisco IP Phones with Multiplatform Firmware (vendor: Cisco) | — | | Vendor Fix (fix) |
| Cisco TelePresence Endpoint Software (TC/CE) (vendor: Cisco) | — | | Vendor Fix (fix) |
| Cisco Webex Room Phone (vendor: Cisco) | — | | Vendor Fix (fix) |
| Cisco Aironet Access Point Software (IOS XE Controller) (vendor: Cisco) | — | | Vendor Fix (fix) |
| Cisco Aironet Access Point Software (vendor: Cisco) | — | | Vendor Fix (fix) |
| Cisco Business Wireless Access Point Software (vendor: Cisco) | — | | Vendor Fix (fix) |

| URL | Category |
|---|---|
| https://sec.cloudapps.cisco.com/security/center/c… | self |
| https://sec.cloudapps.cisco.com/security/center/r… | external |
| https://sec.cloudapps.cisco.com/security/center/r… | external |
| https://bst.cloudapps.cisco.com/bugsearch/bug/CSC… | external |
| https://bst.cloudapps.cisco.com/bugsearch/bug/CSC… | external |
| https://bst.cloudapps.cisco.com/bugsearch/bug/CSC… | external |
| https://bst.cloudapps.cisco.com/bugsearch/bug/CSC… | external |
| https://bst.cloudapps.cisco.com/bugsearch/bug/CSC… | external |
| https://bst.cloudapps.cisco.com/bugsearch/bug/CSC… | external |
| https://bst.cloudapps.cisco.com/bugsearch/bug/CSC… | external |
| https://bst.cloudapps.cisco.com/bugsearch/bug/CSC… | external |
| https://bst.cloudapps.cisco.com/bugsearch/bug/CSC… | external |
| https://bst.cloudapps.cisco.com/bugsearch/bug/CSC… | external |
| https://bst.cloudapps.cisco.com/bugsearch/bug/CSC… | external |
| https://bst.cloudapps.cisco.com/bugsearch/bug/CSC… | external |
| https://bst.cloudapps.cisco.com/bugsearch/bug/CSC… | external |
| https://bst.cloudapps.cisco.com/bugsearch/bug/CSC… | external |
| https://bst.cloudapps.cisco.com/bugsearch/bug/CSC… | external |
| https://bst.cloudapps.cisco.com/bugsearch/bug/CSC… | external |
| https://papers.mathyvanhoef.com/usenix2021.pdf | external |
| https://fragattacks.com/ | external |
| https://www.cisco.com/go/psirt | external |
{
"document": {
"acknowledgments": [
{
"summary": "These vulnerabilities were reported to Cisco by Dr. Mathy Vanhoef of New York University Abu Dhabi. Cisco would like to thank Dr. Vanhoef for his continued help and support during the handling of these vulnerabilities."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"notes": [
{
"category": "summary",
"text": "On May 11, 2021, the research paper Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation was made public. This paper discusses 12 vulnerabilities in the 802.11 standard. One vulnerability is in the frame aggregation functionality, two vulnerabilities are in the frame fragmentation functionality, and the other nine are implementation vulnerabilities. These vulnerabilities could allow an attacker to forge encrypted frames, which could in turn enable the exfiltration of sensitive data from a targeted device.\r\n\r\nThis advisory will be updated as additional information becomes available.\r\n\r\n",
"title": "Summary"
},
{
"category": "general",
"text": "Cisco is investigating its product line to determine which products may be affected by these vulnerabilities. As the investigation progresses, Cisco will update this advisory with information about affected products.",
"title": "Affected Products"
},
{
"category": "general",
"text": "The following table lists Cisco products that are affected by the vulnerabilities that are described in this advisory. If a future release date is indicated for software, the date provided represents an estimate based on all information known to Cisco as of the Last Updated date at the top of the advisory. Availability dates are subject to change based on a number of factors, including satisfactory testing results and delivery of other priority features and fixes. If no version or date is listed for an affected component (indicated by a blank field and/or an advisory designation of Interim), Cisco is continuing to evaluate the fix and will update the advisory as additional information becomes available. After the advisory is marked Final, customers should refer to the associated Cisco bug(s) for further details.\r\n CVE ID Cisco Bug ID Fixed Release Availability [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"] Aironet 1532 APs, AP803 Integrated AP on IR829 Industrial Integrated Services Routers CVE-2020-24586 CSCvy32690 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32690\"] 8.5MR8\r\n8.10MR6 CVE-2020-24587 CSCvy32690 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32690\"] 8.5MR8\r\n8.10MR6 CVE-2020-24588 CSCvy32690 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32690\"] 8.5MR8\r\n8.10MR6 CVE-2020-26139 Not affected N/A CVE-2020-26140 Not affected N/A CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 Not affected N/A CVE-2020-26144 Not affected N/A CVE-2020-26145 Not affected N/A CVE-2020-26146 Not affected N/A CVE-2020-26147 Not affected N/A Aironet 1542 APs, Aironet 1810 APs, Aironet 1815 APs, Aironet 1832 APs, Aironet 1842 APs, Aironet 1852 APs, Aironet 1800i APs CVE-2020-24586 Not affected N/A CVE-2020-24587 CSCvx24420 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-24588 
CSCvx24420 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26139 CSCvx24420 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26140 Not affected N/A CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 Not affected N/A CVE-2020-26144 Not affected N/A CVE-2020-26145 CSCvx24420 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26146 CSCvx24420 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26147 Not affected N/A Aironet 1552 APs, Aironet 1552H APs, Aironet 1572 APs, Aironet 1702 APs, Aironet 2702 APs, Aironet 3702 APs, IW 3702 APs CVE-2020-24586 CSCvy32680 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32680\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4 CVE-2020-24587 CSCvy32680 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32680\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4 CVE-2020-24588 Not affected N/A CVE-2020-26139 Not affected N/A CVE-2020-26140 Not affected N/A CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 Not affected N/A CVE-2020-26144 Not affected N/A CVE-2020-26145 Not affected N/A CVE-2020-26146 Not affected N/A CVE-2020-26147 Not affected N/A Aironet 1560 Series APs, Aironet 2800 Series APs, Aironet Series 3800 APs, Aironet Series 4800 APs, Catalyst IW 6300 APs, 6300 Series Embedded Services APs (ESW6300) CVE-2020-24586 CSCvx24449 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24449\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-24587 CSCvx24449 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24449\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-24588 Not affected N/A CVE-2020-26139 Not affected N/A CVE-2020-26140 CSCvy36698 
[\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy36698\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 CSCvy36698 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy36698\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26144 Not affected N/A CVE-2020-26145 Not affected N/A CVE-2020-26146 CSCvy36698 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy36698\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26147 CSCvy36698 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy36698\"] 8.5MR8\r\n8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 Catalyst 9105 APs, Catalyst 9115 APs, Catalyst 9120 APs, Integrated AP on 1100 Integrated Services Routers CVE-2020-24586 CSCvx24425 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24425\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-24587 CSCvx24425 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24425\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-24588 CSCvx24425 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24425\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26139 Not affected N/A CVE-2020-26140 Not affected N/A CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 Not affected N/A CVE-2020-26144 Not affected N/A CVE-2020-26145 Not affected N/A CVE-2020-26146 Not affected N/A CVE-2020-26147 Not affected N/A Catalyst 9117 APs CVE-2020-24586 CSCvx24439 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-24587 CSCvx24439 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-24588 CSCvx24439 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26139 CSCvx24439 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26140 Not affected N/A 
CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 Not affected N/A CVE-2020-26144 CSCvx24439 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26145 CSCvx24439 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26146 CSCvx24439 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26147 Not affected N/A Catalyst 9124 APs1, Catalyst 9130 APs CVE-2020-24586 CSCvx24428 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428\"]\r\nCSCvx24452 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452\"]\r\nCSCvx24456 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-24587 CSCvx24428 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428\"]\r\nCSCvx24452 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452\"]\r\nCSCvx24456 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-24588 CSCvx24428 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428\"]\r\nCSCvx24452 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452\"]\r\nCSCvx24456 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26139 CSCvx24428 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428\"]\r\nCSCvx24452 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452\"]\r\nCSCvx24456 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26140 Not affected N/A CVE-2020-26141 Not affected N/A CVE-2020-26142 Not affected N/A CVE-2020-26143 Not affected N/A CVE-2020-26144 CSCvx24428 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428\"]\r\nCSCvx24452 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452\"]\r\nCSCvx24456 
[\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26145 CSCvx24428 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428\"]\r\nCSCvx24452 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452\"]\r\nCSCvx24456 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26146 CSCvx24428 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428\"]\r\nCSCvx24452 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452\"]\r\nCSCvx24456 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456\"] 8.10MR6\r\n16.12.6\r\n17.3.4\r\n17.6.1 CVE-2020-26147 Not affected N/A 1. Catalyst 9124 APs were not supported until Release 17.5, and the fix will be available in Release 17.6.1 Meraki GR10, GR60, MR20, MR30H, MR33, MR36, MR42, MR42E, MR44, MR45, MR46, MR46E, MR52, MR53, MR53E, MR55, MR56, MR70, MR74, MR76, MR84, MR86 CVE-2020-24586 No bug ID MR 27.7.1 CVE-2020-24587 No bug ID MR 27.7.1 CVE-2020-24588 No bug ID MR 27.7.1 CVE-2020-26139 No bug ID MR 27.7.1 CVE-2020-26140 No bug ID MR 27.7.1 CVE-2020-26141 No bug ID MR 27.7.1 CVE-2020-26142 No bug ID MR 27.7.1 CVE-2020-26143 No bug ID MR 27.7.1 CVE-2020-26144 No bug ID MR 27.7.1 CVE-2020-26145 No bug ID MR 27.7.1 CVE-2020-26146 No bug ID MR 27.7.1 CVE-2020-26147 No bug ID MR 27.7.1 Meraki MR12, MR18, MR26, MR32, MR34, MR62, MR66, MR72 CVE-2020-24586 No bug ID MR 26.8.3 CVE-2020-24587 No bug ID MR 26.8.3 CVE-2020-24588 No bug ID MR 26.8.3 CVE-2020-26139 No bug ID MR 26.8.3 CVE-2020-26140 No bug ID MR 26.8.3 CVE-2020-26141 No bug ID MR 26.8.3 CVE-2020-26142 No bug ID MR 26.8.3 CVE-2020-26143 No bug ID MR 26.8.3 CVE-2020-26144 No bug ID MR 26.8.3 CVE-2020-26145 No bug ID MR 26.8.3 CVE-2020-26146 No bug ID MR 26.8.3 CVE-2020-26147 No bug ID MR 26.8.3 Meraki MX64W, MX65W, MX67W, MX67CW, MX68W, MX68CW, Z3, Z3C1 CVE-2020-24586 No bug ID MX 17.0 CVE-2020-24587 No bug ID MX 17.0 CVE-2020-24588 No bug ID MX 
17.0 CVE-2020-26139 No bug ID MX 17.0 CVE-2020-26140 No bug ID MX 17.0 CVE-2020-26141 No bug ID MX 17.0 CVE-2020-26142 No bug ID MX 17.0 CVE-2020-26143 No bug ID MX 17.0 CVE-2020-26144 No bug ID MX 17.0 CVE-2020-26145 No bug ID MX 17.0 CVE-2020-26146 No bug ID MX 17.0 CVE-2020-26147 No bug ID MX 17.0 1. Cisco will not fix these vulnerabilities in the following Cisco Meraki products: MX60W and Z1 IP Phone 8861, IP Phone 8865, and IP Conference Phone 8832 CVE-2020-24586 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-24587 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-24588 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-26139 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-26140 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-26141 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-26142 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-26143 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-26144 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-26145 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-26146 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) CVE-2020-26147 CSCvx60997 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997\"] 14.1(1) IP Phone 6861 and IP Phone 8861 Running Third-Party Call Control (3PCC) Software CVE-2020-24586 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-24587 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-24588 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) 
CVE-2020-26139 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-26140 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-26141 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-26142 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-26143 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-26144 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-26145 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-26146 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) CVE-2020-26147 CSCvx61001 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001\"] 11.3(5) Wireless IP Phone 8821 CVE-2020-24586 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-24587 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-24588 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-26139 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-26140 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-26141 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-26142 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-26143 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-26144 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-26145 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 CVE-2020-26146 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 
CVE-2020-26147 CSCvx61012 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012\"] 11.0(6)SR2 Webex Desk Series and Webex Room Series CVE-2020-24586 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-24587 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-24588 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-26139 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-26140 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-26141 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-26142 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-26143 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-26144 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-26145 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-26146 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 CVE-2020-26147 CSCvx89821 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821\"] 1.2(0)SR1 Webex Board Series CVE-2020-24586 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-24587 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-24588 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-26139 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-26140 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-26141 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-26142 CSCvx61020 
[\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-26143 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-26144 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-26145 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-26146 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 CVE-2020-26147 CSCvx61020 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020\"] 10.8.2.5 Webex Wireless Phone 840 and 860 CVE-2020-24586 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-24587 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-24588 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-26139 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-26140 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-26141 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-26142 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-26143 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-26144 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-26145 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-26146 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0) CVE-2020-26147 CSCvx62886 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886\"] 1.4(0)",
"title": "Vulnerable Products"
},
{
"category": "general",
"text": "Only products listed in the Vulnerable Products [\"#vp\"] section of this advisory are known to be affected by this vulnerability.",
"title": "Products Confirmed Not Vulnerable"
},
{
"category": "general",
"text": "The vulnerabilities are not dependent on one another. Exploitation of one of the vulnerabilities is not required to exploit another vulnerability. In addition, a software release that is affected by one of the vulnerabilities may not be affected by the other vulnerabilities.\r\n\r\nFor a description of the following vulnerabilities, see Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation [\"https://papers.mathyvanhoef.com/usenix2021.pdf\"].\r\n\r\nFor additional information, see FragAttacks [\"https://fragattacks.com/\"].\r\n\r\nCVE-2020-26140: Accepting plaintext data frames in a protected network\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 6.5\r\nCVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\r\n\r\nCVE-2020-26143: Accepting fragmented plaintext data frames in a protected network\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 6.5\r\nCVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\r\n\r\nCVE-2020-26144: Accepting plaintext A-MSDU frames that start with an RFC1042 header with EtherType EAPOL (in an encrypted network)\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 6.5\r\nCVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\r\n\r\nCVE-2020-26145: Accepting plaintext broadcast fragments as full frames (in an encrypted network)\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 6.5\r\nCVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\r\n\r\nCVE-2020-24586: Not clearing fragments from memory when (re)connecting to a network\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 5.7\r\nCVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\r\n\r\nCVE-2020-24588: Accepting non-SPP A-MSDU frames\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 5.7\r\nCVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\r\n\r\nCVE-2020-26139: Forwarding EAPOL frames even though the sender is not yet 
authenticated\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 5.7\r\nCVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L\r\n\r\nCVE-2020-26141: Not verifying the TKIP MIC of fragmented frames\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 5.7\r\nCVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\r\n\r\nCVE-2020-26142: Processing fragmented frames as full frames\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 5.7\r\nCVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\r\n\r\nCVE-2020-24587: Reassembling fragments encrypted under different keys\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 4.8\r\nCVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N\r\n\r\nCVE-2020-26146: Reassembling encrypted fragments with non-consecutive packet numbers\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 4.8\r\nCVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N\r\n\r\nCVE-2020-26147: Reassembling mixed encrypted/plaintext fragments\r\n\r\nSecurity Impact Rating (SIR): Medium\r\nCVSS Base Score: 4.8\r\nCVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"title": "Details"
},
{
"category": "general",
"text": "There are no workarounds that address these vulnerabilities.",
"title": "Workarounds"
},
{
"category": "general",
"text": "For information about fixed software releases [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], consult the Cisco bugs identified in the Vulnerable Products [\"#vp\"] section of this advisory.\r\n\r\nWhen considering software upgrades [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page [\"https://www.cisco.com/go/psirt\"], to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.",
"title": "Fixed Software"
},
{
"category": "general",
"text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.",
"title": "Vulnerability Policy"
},
{
"category": "general",
"text": "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerabilities that are described in this advisory.",
"title": "Exploitation and Public Announcements"
},
{
"category": "general",
"text": "These vulnerabilities were reported to Cisco by Dr. Mathy Vanhoef of New York University Abu Dhabi. Cisco would like to thank Dr. Vanhoef for his continued help and support during the handling of these vulnerabilities.",
"title": "Source"
},
{
"category": "legal_disclaimer",
"text": "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.",
"title": "Legal Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@cisco.com",
"issuing_authority": "Cisco PSIRT",
"name": "Cisco",
"namespace": "https://wwww.cisco.com"
},
"references": [
{
"category": "self",
"summary": "Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"category": "external",
"summary": "Cisco Security Vulnerability Policy",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
},
{
"category": "external",
"summary": "Fixed Release Availability",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"
},
{
"category": "external",
"summary": "CSCvy32690",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32690"
},
{
"category": "external",
"summary": "CSCvx24420",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24420"
},
{
"category": "external",
"summary": "CSCvy32680",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy32680"
},
{
"category": "external",
"summary": "CSCvx24449",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24449"
},
{
"category": "external",
"summary": "CSCvy36698",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy36698"
},
{
"category": "external",
"summary": "CSCvx24425",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24425"
},
{
"category": "external",
"summary": "CSCvx24439",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24439"
},
{
"category": "external",
"summary": "CSCvx24428",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24428"
},
{
"category": "external",
"summary": "CSCvx24452",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24452"
},
{
"category": "external",
"summary": "CSCvx24456",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24456"
},
{
"category": "external",
"summary": "CSCvx60997",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx60997"
},
{
"category": "external",
"summary": "CSCvx61001",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61001"
},
{
"category": "external",
"summary": "CSCvx61012",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61012"
},
{
"category": "external",
"summary": "CSCvx89821",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx89821"
},
{
"category": "external",
"summary": "CSCvx61020",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx61020"
},
{
"category": "external",
"summary": "CSCvx62886",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx62886"
},
{
"category": "external",
"summary": "Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation",
"url": "https://papers.mathyvanhoef.com/usenix2021.pdf"
},
{
"category": "external",
"summary": "FragAttacks",
"url": "https://fragattacks.com/"
},
{
"category": "external",
"summary": "Cisco Security Advisories page",
"url": "https://www.cisco.com/go/psirt"
}
],
"title": "Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tracking": {
"current_release_date": "2021-12-15T15:47:26+00:00",
"generator": {
"date": "2024-05-10T23:04:25+00:00",
"engine": {
"name": "TVCE"
}
},
"id": "cisco-sa-wifi-faf-22epcEWu",
"initial_release_date": "2021-05-11T18:00:00+00:00",
"revision_history": [
{
"date": "2021-05-10T16:33:53+00:00",
"number": "1.0.0",
"summary": "Initial public release."
},
{
"date": "2021-05-11T21:59:40+00:00",
"number": "1.1.0",
"summary": "Updated affected Meraki MR products."
},
{
"date": "2021-05-14T20:43:24+00:00",
"number": "1.2.0",
"summary": "Added additional affected products."
},
{
"date": "2021-05-17T17:42:47+00:00",
"number": "1.3.0",
"summary": "Added additional affected products."
},
{
"date": "2021-05-19T20:50:42+00:00",
"number": "1.4.0",
"summary": "Added additional fixed releases."
},
{
"date": "2021-06-02T20:48:21+00:00",
"number": "1.5.0",
"summary": "Update affected products."
},
{
"date": "2021-07-13T18:42:53+00:00",
"number": "1.6.0",
"summary": "Added additional fixed releases for Meraki products."
},
{
"date": "2021-08-30T19:06:07+00:00",
"number": "1.7.0",
"summary": "Updated fixed release details for multiple products."
},
{
"date": "2021-10-05T14:54:59+00:00",
"number": "1.8.0",
"summary": "Updated fixed release details for Aironet 1532/AP803 products."
},
{
"date": "2021-12-15T15:47:26+00:00",
"number": "1.9.0",
"summary": "Updated fixed releases."
}
],
"status": "final",
"version": "1.9.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_family",
"name": "Cisco Aironet Access Point Software",
"product": {
"name": "Cisco Aironet Access Point Software ",
"product_id": "CSAFPID-190024"
}
},
{
"category": "product_family",
"name": "Cisco IP Phones with Multiplatform Firmware",
"product": {
"name": "Cisco IP Phones with Multiplatform Firmware ",
"product_id": "CSAFPID-277607"
}
},
{
"category": "product_family",
"name": "Cisco TelePresence Endpoint Software (TC/CE)",
"product": {
"name": "Cisco TelePresence Endpoint Software (TC/CE) ",
"product_id": "CSAFPID-278404"
}
},
{
"category": "product_family",
"name": "Cisco Webex Room Phone",
"product": {
"name": "Cisco Webex Room Phone ",
"product_id": "CSAFPID-278888"
}
},
{
"category": "product_family",
"name": "Cisco Business Wireless Access Point Software",
"product": {
"name": "Cisco Business Wireless Access Point Software ",
"product_id": "CSAFPID-280012"
}
},
{
"category": "product_family",
"name": "Cisco Aironet Access Point Software (IOS XE Controller)",
"product": {
"name": "Cisco Aironet Access Point Software (IOS XE Controller) ",
"product_id": "CSAFPID-280019"
}
}
],
"category": "vendor",
"name": "Cisco"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-26144",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62884"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62876"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx89821"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62886"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24452"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24428"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24439"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24456"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-277607",
"CSAFPID-278404",
"CSAFPID-278888",
"CSAFPID-280019",
"CSAFPID-190024",
"CSAFPID-280012"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-278404",
"CSAFPID-190024",
"CSAFPID-280012",
"CSAFPID-280019",
"CSAFPID-278888",
"CSAFPID-277607"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-277607",
"CSAFPID-278404",
"CSAFPID-278888"
]
}
],
"title": "vuln-CVE-2020-26144"
},
{
"cve": "CVE-2020-26141",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62884"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62876"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx89821"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62886"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-277607",
"CSAFPID-278404",
"CSAFPID-278888"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-278404",
"CSAFPID-278888",
"CSAFPID-277607"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-277607",
"CSAFPID-278404",
"CSAFPID-278888"
]
}
],
"title": "vuln-CVE-2020-26141"
},
{
"cve": "CVE-2020-26146",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24420"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24425"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24439"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24441"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24440"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24449"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvy32694"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62884"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62876"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62886"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx89821"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-190024",
"CSAFPID-277607",
"CSAFPID-280012",
"CSAFPID-278888",
"CSAFPID-278404",
"CSAFPID-280019"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-278404",
"CSAFPID-190024",
"CSAFPID-280012",
"CSAFPID-280019",
"CSAFPID-278888",
"CSAFPID-277607"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-190024",
"CSAFPID-277607",
"CSAFPID-280012",
"CSAFPID-278888",
"CSAFPID-278404"
]
}
],
"title": "vuln-CVE-2020-26146"
},
{
"cve": "CVE-2020-26147",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62884"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62876"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx89821"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62886"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-277607",
"CSAFPID-278404",
"CSAFPID-278888"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-278404",
"CSAFPID-278888",
"CSAFPID-277607"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-277607",
"CSAFPID-278404",
"CSAFPID-278888"
]
}
],
"title": "vuln-CVE-2020-26147"
},
{
"cve": "CVE-2020-26140",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62884"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62876"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx89821"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62886"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-277607",
"CSAFPID-278404",
"CSAFPID-278888"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-278404",
"CSAFPID-278888",
"CSAFPID-277607"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-277607",
"CSAFPID-278404",
"CSAFPID-278888"
]
}
],
"title": "vuln-CVE-2020-26140"
},
{
"cve": "CVE-2020-26142",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62884"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62876"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx89821"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62886"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-277607",
"CSAFPID-278404",
"CSAFPID-278888"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-278404",
"CSAFPID-278888",
"CSAFPID-277607"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-277607",
"CSAFPID-278404",
"CSAFPID-278888"
]
}
],
"title": "vuln-CVE-2020-26142"
},
{
"cve": "CVE-2020-26143",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62884"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62876"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62886"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx89821"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-277607",
"CSAFPID-278888",
"CSAFPID-278404"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-278404",
"CSAFPID-278888",
"CSAFPID-277607"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-277607",
"CSAFPID-278888",
"CSAFPID-278404"
]
}
],
"title": "vuln-CVE-2020-26143"
},
{
"cve": "CVE-2020-26145",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62884"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62876"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62886"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx89821"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24420"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24428"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24439"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24456"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24452"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-277607",
"CSAFPID-278888",
"CSAFPID-278404",
"CSAFPID-190024",
"CSAFPID-280012",
"CSAFPID-280019"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-278404",
"CSAFPID-190024",
"CSAFPID-280012",
"CSAFPID-280019",
"CSAFPID-278888",
"CSAFPID-277607"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-277607",
"CSAFPID-278888",
"CSAFPID-278404"
]
}
],
"title": "vuln-CVE-2020-26145"
},
{
"cve": "CVE-2020-26139",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62884"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62876"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62886"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx89821"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24420"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24428"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24439"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24456"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24452"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-277607",
"CSAFPID-278888",
"CSAFPID-278404",
"CSAFPID-190024",
"CSAFPID-280012",
"CSAFPID-280019"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-278404",
"CSAFPID-190024",
"CSAFPID-280012",
"CSAFPID-280019",
"CSAFPID-278888",
"CSAFPID-277607"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-277607",
"CSAFPID-278888",
"CSAFPID-278404"
]
}
],
"title": "Forwarding EAPOL frames even though the sender is not yet authenticated"
},
{
"cve": "CVE-2020-24587",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62884"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62876"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx89821"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62886"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24420"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24428"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24425"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24439"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24456"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24449"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvy32680"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24452"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-277607",
"CSAFPID-278404",
"CSAFPID-278888",
"CSAFPID-280012",
"CSAFPID-190024",
"CSAFPID-280019"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-278404",
"CSAFPID-190024",
"CSAFPID-280012",
"CSAFPID-280019",
"CSAFPID-278888",
"CSAFPID-277607"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-277607",
"CSAFPID-278404",
"CSAFPID-278888"
]
}
],
"title": "Mixed Key Attack Against Fragmentation"
},
{
"cve": "CVE-2020-24586",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24428"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24425"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24439"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24441"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24456"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24449"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvy32680"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24452"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62884"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62876"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx60997"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx61001"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx61012"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62886"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx61020"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx89821"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-280012",
"CSAFPID-190024",
"CSAFPID-277607",
"CSAFPID-278404",
"CSAFPID-278888",
"CSAFPID-280019"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-278404",
"CSAFPID-190024",
"CSAFPID-280012",
"CSAFPID-280019",
"CSAFPID-278888",
"CSAFPID-277607"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-280012",
"CSAFPID-190024",
"CSAFPID-277607",
"CSAFPID-278404",
"CSAFPID-278888"
]
}
],
"title": "Fragment Cache Attack"
},
{
"cve": "CVE-2020-24588",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24420"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24428"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24425"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24423"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24439"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24456"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx24452"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvy32690"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62884"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62876"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx89821"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCvx62886"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-190024",
"CSAFPID-280012",
"CSAFPID-277607",
"CSAFPID-278404",
"CSAFPID-278888",
"CSAFPID-280019"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-278404",
"CSAFPID-190024",
"CSAFPID-280012",
"CSAFPID-280019",
"CSAFPID-278888",
"CSAFPID-277607"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-190024",
"CSAFPID-280012",
"CSAFPID-277607",
"CSAFPID-278404",
"CSAFPID-278888"
]
}
],
"title": "A-MSDU Design Flaw"
}
]
}
The vendor has released an upgrade patch to fix the vulnerability. Patch link: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html
| Name | Linux Linux kernel 5.8.9 |
|---|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2020-24586"
}
},
"description": "Linux kernel is the kernel used by Linux, the open-source operating system of the Linux Foundation (USA).\n\nLinux kernel version 5.8.9 has an input validation error vulnerability. The vulnerability arises when a device sends fragmented frames and uses the WEP, CCMP, or GCMP data-confidentiality protocol; an attacker can exploit it to inject packets or exfiltrate selected fragments.",
"formalWay": "The vendor has released an upgrade patch to fix the vulnerability. Patch link:\r\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html",
"isEvent": "General software and hardware vulnerability",
"number": "CNVD-2021-34682",
"openTime": "2021-05-14",
"patchDescription": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux kernel 5.8.9\u7248\u672c\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5f53\u8bbe\u5907\u53d1\u9001\u5206\u6bb5\u7684\u5e27\u5e76\u4e14\u4f7f\u7528WEP\uff0cCCMP\u6216GCMP\u6570\u636e\u673a\u5bc6\u534f\u8bae\u65f6\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6b64\u6f0f\u6d1e\u6765\u6ce8\u5165\u6570\u636e\u5305\u6216\u6cc4\u9732\u9009\u5b9a\u7684\u7247\u6bb5\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Linux kernel\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff08CNVD-2021-34682\uff09\u7684\u8865\u4e01",
"products": {
"product": "Linux Linux kernel 5.8.9"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-24586",
"serverity": "\u4e2d",
"submitTime": "2021-05-14",
"title": "Linux kernel\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff08CNVD-2021-34682\uff09"
}
FKIE_CVE-2020-24586
Vulnerability from fkie_nvd - Published: 2021-05-11 20:15 - Updated: 2024-11-21 05:15

| Source | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2021/05/11/12 | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md | Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html | ||
| cve@mitre.org | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu | Third Party Advisory | |
| cve@mitre.org | https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63 | Third Party Advisory | |
| cve@mitre.org | https://www.fragattacks.com | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2021/05/11/12 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.fragattacks.com | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html | Third Party Advisory |

| Vendor | Product | Version | |
|---|---|---|---|
| ieee | ieee_802.11 | * | |
| debian | debian_linux | 9.0 | |
| linux | mac80211 | - | |
| arista | c-250_firmware | * | |
| arista | c-250 | - | |
| arista | c-260_firmware | * | |
| arista | c-260 | - | |
| arista | c-230_firmware | * | |
| arista | c-230 | - | |
| arista | c-235_firmware | * | |
| arista | c-235 | - | |
| arista | c-200_firmware | * | |
| arista | c-200 | - | |
| intel | ax210_firmware | * | |
| intel | ax210 | - | |
| intel | ax201_firmware | * | |
| intel | ax201 | - | |
| intel | ax200_firmware | * | |
| intel | ax200 | - | |
| intel | ac_9560_firmware | * | |
| intel | ac_9560 | - | |
| intel | ac_9462_firmware | * | |
| intel | ac_9462 | - | |
| intel | ac_9461_firmware | * | |
| intel | ac_9461 | - | |
| intel | ac_9260_firmware | * | |
| intel | ac_9260 | - | |
| intel | ac_8265_firmware | * | |
| intel | ac_8265 | - | |
| intel | ac_8260_firmware | * | |
| intel | ac_8260 | - | |
| intel | ac_3168_firmware | * | |
| intel | ac_3168 | - | |
| intel | ac_7265_firmware | * | |
| intel | ac_7265 | - | |
| intel | ac_3165_firmware | * | |
| intel | ac_3165 | - | |
| intel | ax1675_firmware | - | |
| intel | ax1675 | - | |
| intel | ax1650_firmware | - | |
| intel | ax1650 | - | |
| intel | ac_1550_firmware | - | |
| intel | ac_1550 | - | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ieee:ieee_802.11:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA94FAA4-9BBF-402D-8B33-20A5E8AAFC5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linux:mac80211:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20B7EA3B-CCBA-4483-9BDD-DC8ED8689A22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B22D5837-A2CC-41AB-8252-1724345AEDC5",
"versionEndExcluding": "10.0.1-31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE97F0AD-8658-476A-8E22-DA67A5FD9F73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-260_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4180BE58-3CA0-4FFD-B5BE-44E36FDE5F89",
"versionEndExcluding": "10.0.1-31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A006A8BD-D56E-40C2-ADD2-C11759153808",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-230_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59BE4F3A-477A-4DE9-B293-F2AF2CCED9A3",
"versionEndExcluding": "10.0.1-31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B18F4E-4968-493A-BC90-5D8D7F619F39",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-235_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96A0A5F0-B046-4B53-92BC-D21705B1597C",
"versionEndExcluding": "10.0.1-31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-235:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54878C0D-8842-490F-B556-76AF47A65891",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C62FEC63-9790-44DF-8AA0-050E89E883B1",
"versionEndExcluding": "11.0.0-36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F81C550-CE6F-4E68-A088-5EC0CEF40600",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ax210_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C073E29-FABA-4A07-A833-0E0A2CA5C9F4",
"versionEndExcluding": "22.30.0.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ax210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F226D74C-4A48-4AC0-A565-A00D555E27D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ax201_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A5420D2-2979-4BA7-8BF5-2F522CCE3C74",
"versionEndExcluding": "22.30.0.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ax201:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4649D446-130B-4B31-B9ED-BA7F9F7EEB8F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ax200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EC9FE51-D078-41C0-80DB-21820AD151C2",
"versionEndExcluding": "22.30.0.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ax200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9903E2E-A670-40D4-8B9F-D2C0CFDBFC9F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ac_9560_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D239D907-FE04-4E02-B4BF-7F0A24CCC781",
"versionEndExcluding": "22.30.0.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ac_9560:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D382D4A1-C8FD-4B47-B2C4-145232EC8AC5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ac_9462_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD21C53-CCBA-43FD-9DF7-A087705EC26E",
"versionEndExcluding": "22.30.0.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ac_9462:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E89EB0D-233A-486A-BDAE-F5726432CD7E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ac_9461_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19F30CC4-1D90-4298-BE72-307F8CD9C8E4",
"versionEndExcluding": "22.30.0.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ac_9461:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A11E55E8-5FA9-4ED7-AB61-03F22EE1759B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ac_9260_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8D25023-2C51-4186-BEE6-0C1096181C7C",
"versionEndExcluding": "22.30.0.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ac_9260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2795E42-D044-4D48-BCB2-61CC1A3471B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ac_8265_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1091737E-15B8-4F29-AFC7-DAB19B4736DB",
"versionEndExcluding": "20.70.21.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ac_8265:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C08E2F3E-C4B5-4227-A88D-C50E209A12CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ac_8260_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33EF2DC9-CD1E-43C1-88AF-9E83E2E4EC81",
"versionEndExcluding": "20.70.21.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ac_8260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A8F30C-6BB7-4CC6-ADBE-1859DAF66C58",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ac_3168_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F779EAF-1408-4994-9701-CE24AC5FB8A9",
"versionEndExcluding": "19.51.33.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ac_3168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED5B2BCE-2D8A-440C-B866-76E035314022",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ac_7265_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE6B04BC-69A8-469C-8364-F8CA6F5B09D2",
"versionEndExcluding": "19.51.33.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ac_7265:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9F1CE7-8F14-4526-A857-7B954EC4BB6F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ac_3165_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42A7C347-86AF-4397-B227-C636D352CB87",
"versionEndExcluding": "19.51.33.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ac_3165:-:*:*:*:*:*:*:*",
"matchCriteriaId": "197A3DA1-B8EF-438F-B933-32253C43C8EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ax1675_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0DAB2B67-5C39-4438-8E36-3F740A697599",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ax1675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F407ACA-0952-4717-A302-2D5CEB6DB111",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ax1650_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B39FB813-1EC0-4B5C-B8CB-F5129DBF94C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ax1650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B944F7-4A5F-41D0-A910-6F978F66CAA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ac_1550_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A66D96C8-7C0D-4615-B825-A15DBB37B920",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ac_1550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12419474-DB56-462D-9116-3614A4BBAF20",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2C083CF-3D4D-4AF0-8461-835F6AC264CC",
"versionEndExcluding": "4.4.271",
"versionStartIncluding": "4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11580478-2F79-45B8-9BC0-FEF28259A4F5",
"versionEndExcluding": "4.9.271",
"versionStartIncluding": "4.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "970E3D3C-8829-4599-95A7-AC63136CE48E",
"versionEndExcluding": "4.14.235",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7D3563-5878-403A-9BB7-6C44E6FE10A0",
"versionEndExcluding": "4.19.193",
"versionStartIncluding": "4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01D49B11-5E8A-427F-B9BE-8A5174DEDD65",
"versionEndExcluding": "5.4.124",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B39B1E70-2AF7-4482-9ADF-45A1C04A4BC3",
"versionEndExcluding": "5.10.42",
"versionStartIncluding": "5.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B1CFA77-6B5E-430C-AC49-3B3508F2D903",
"versionEndExcluding": "5.12.9",
"versionStartIncluding": "5.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data."
},
{
"lang": "es",
"value": "El est\u00e1ndar 802.11 que sustenta a Wi-Fi Protected Access (WPA, WPA2, y WPA3) y Wired Equivalent Privacy (WEP) no requiere que los fragmentos recibidos se borren de la memoria despu\u00e9s de (re)conectarse a una red.\u0026#xa0;En las circunstancias adecuadas, cuando otro dispositivo env\u00eda tramas fragmentadas cifradas mediante WEP, CCMP o GCMP, se puede abusar de esto para inyectar paquetes de red arbitrarios y/o exfiltrar datos del usuario"
}
],
"id": "CVE-2020-24586",
"lastModified": "2024-11-21T05:15:03.803",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-11T20:15:08.537",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.fragattacks.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.fragattacks.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.