2023-04-24 12:24:31 +02:00
|
|
|
{
|
|
|
|
|
"id": "CVE-2022-46397",
|
|
|
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
|
|
|
"published": "2023-03-28T22:15:09.243",
|
2025-02-19 21:03:55 +00:00
|
|
|
"lastModified": "2025-02-19T19:15:11.217",
|
2024-12-08 03:06:42 +00:00
|
|
|
"vulnStatus": "Modified",
|
2024-07-14 02:06:08 +00:00
|
|
|
"cveTags": [],
|
2023-04-24 12:24:31 +02:00
|
|
|
"descriptions": [
|
|
|
|
|
{
|
|
|
|
|
"lang": "en",
|
|
|
|
|
"value": "FP.io VPP (Vector Packet Processor) 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 19.08, and 19.04 Generates a Predictable IV with CBC Mode."
|
|
|
|
|
}
|
|
|
|
|
],
|
|
|
|
|
"metrics": {
|
|
|
|
|
"cvssMetricV31": [
|
|
|
|
|
{
|
|
|
|
|
"source": "nvd@nist.gov",
|
|
|
|
|
"type": "Primary",
|
|
|
|
|
"cvssData": {
|
|
|
|
|
"version": "3.1",
|
|
|
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
2024-12-08 03:06:42 +00:00
|
|
|
"baseScore": 7.5,
|
|
|
|
|
"baseSeverity": "HIGH",
|
2023-04-24 12:24:31 +02:00
|
|
|
"attackVector": "NETWORK",
|
|
|
|
|
"attackComplexity": "LOW",
|
|
|
|
|
"privilegesRequired": "NONE",
|
|
|
|
|
"userInteraction": "NONE",
|
|
|
|
|
"scope": "UNCHANGED",
|
|
|
|
|
"confidentialityImpact": "HIGH",
|
|
|
|
|
"integrityImpact": "NONE",
|
2024-12-08 03:06:42 +00:00
|
|
|
"availabilityImpact": "NONE"
|
2023-04-24 12:24:31 +02:00
|
|
|
},
|
|
|
|
|
"exploitabilityScore": 3.9,
|
|
|
|
|
"impactScore": 3.6
|
2025-02-19 21:03:55 +00:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
|
|
|
|
|
"type": "Secondary",
|
|
|
|
|
"cvssData": {
|
|
|
|
|
"version": "3.1",
|
|
|
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
|
|
|
|
"baseScore": 7.5,
|
|
|
|
|
"baseSeverity": "HIGH",
|
|
|
|
|
"attackVector": "NETWORK",
|
|
|
|
|
"attackComplexity": "LOW",
|
|
|
|
|
"privilegesRequired": "NONE",
|
|
|
|
|
"userInteraction": "NONE",
|
|
|
|
|
"scope": "UNCHANGED",
|
|
|
|
|
"confidentialityImpact": "HIGH",
|
|
|
|
|
"integrityImpact": "NONE",
|
|
|
|
|
"availabilityImpact": "NONE"
|
|
|
|
|
},
|
|
|
|
|
"exploitabilityScore": 3.9,
|
|
|
|
|
"impactScore": 3.6
|
2023-04-24 12:24:31 +02:00
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
"weaknesses": [
|
|
|
|
|
{
|
|
|
|
|
"source": "nvd@nist.gov",
|
|
|
|
|
"type": "Primary",
|
|
|
|
|
"description": [
|
|
|
|
|
{
|
|
|
|
|
"lang": "en",
|
|
|
|
|
"value": "NVD-CWE-Other"
|
|
|
|
|
}
|
|
|
|
|
]
|
2025-02-19 21:03:55 +00:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
|
|
|
|
|
"type": "Secondary",
|
|
|
|
|
"description": [
|
|
|
|
|
{
|
|
|
|
|
"lang": "en",
|
|
|
|
|
"value": "CWE-329"
|
|
|
|
|
}
|
|
|
|
|
]
|
2023-04-24 12:24:31 +02:00
|
|
|
}
|
|
|
|
|
],
|
|
|
|
|
"configurations": [
|
|
|
|
|
{
|
|
|
|
|
"nodes": [
|
|
|
|
|
{
|
|
|
|
|
"operator": "OR",
|
|
|
|
|
"negate": false,
|
|
|
|
|
"cpeMatch": [
|
|
|
|
|
{
|
|
|
|
|
"vulnerable": true,
|
|
|
|
|
"criteria": "cpe:2.3:a:lfprojects:vector_packet_processor:19.04:*:*:*:*:*:*:*",
|
|
|
|
|
"matchCriteriaId": "EF4306E2-D3C7-469D-B689-6D83F086838C"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"vulnerable": true,
|
|
|
|
|
"criteria": "cpe:2.3:a:lfprojects:vector_packet_processor:19.08:*:*:*:*:*:*:*",
|
|
|
|
|
"matchCriteriaId": "8F6BFB07-7C92-44EA-ACA3-F44FED834D5D"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"vulnerable": true,
|
|
|
|
|
"criteria": "cpe:2.3:a:lfprojects:vector_packet_processor:20.01:*:*:*:*:*:*:*",
|
|
|
|
|
"matchCriteriaId": "5F9BCA0B-1A4D-4326-8F77-C2BAD1136FF4"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"vulnerable": true,
|
|
|
|
|
"criteria": "cpe:2.3:a:lfprojects:vector_packet_processor:20.05:*:*:*:*:*:*:*",
|
|
|
|
|
"matchCriteriaId": "A17AE294-EA71-43D8-914B-04A12D2898C2"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"vulnerable": true,
|
|
|
|
|
"criteria": "cpe:2.3:a:lfprojects:vector_packet_processor:20.09:*:*:*:*:*:*:*",
|
|
|
|
|
"matchCriteriaId": "19C20649-4B8D-43CF-A130-18202D43754A"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"vulnerable": true,
|
|
|
|
|
"criteria": "cpe:2.3:a:lfprojects:vector_packet_processor:21.01:*:*:*:*:*:*:*",
|
|
|
|
|
"matchCriteriaId": "6353F873-7D57-4501-B1A2-2B6F5652C843"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"vulnerable": true,
|
|
|
|
|
"criteria": "cpe:2.3:a:lfprojects:vector_packet_processor:21.06:*:*:*:*:*:*:*",
|
|
|
|
|
"matchCriteriaId": "B949BE66-DD26-4B14-819D-AF583403E89B"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"vulnerable": true,
|
|
|
|
|
"criteria": "cpe:2.3:a:lfprojects:vector_packet_processor:21.10:*:*:*:*:*:*:*",
|
|
|
|
|
"matchCriteriaId": "95E85B39-1ABD-4E20-9F5D-25EAA93E8D25"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"vulnerable": true,
|
|
|
|
|
"criteria": "cpe:2.3:a:lfprojects:vector_packet_processor:22.02:*:*:*:*:*:*:*",
|
|
|
|
|
"matchCriteriaId": "E336F810-C022-4928-BE76-A42654D6F512"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"vulnerable": true,
|
|
|
|
|
"criteria": "cpe:2.3:a:lfprojects:vector_packet_processor:22.06:*:*:*:*:*:*:*",
|
|
|
|
|
"matchCriteriaId": "9D78A1BE-2836-4CC6-BD5E-63F58053194B"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"vulnerable": true,
|
|
|
|
|
"criteria": "cpe:2.3:a:lfprojects:vector_packet_processor:22.10:*:*:*:*:*:*:*",
|
|
|
|
|
"matchCriteriaId": "5A8CB280-D822-40A8-86D2-038A1E8CA7D9"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
],
|
|
|
|
|
"references": [
|
|
|
|
|
{
|
|
|
|
|
"url": "https://lists.fd.io/g/security-announce/message/2",
|
|
|
|
|
"source": "cve@mitre.org",
|
|
|
|
|
"tags": [
|
|
|
|
|
"Vendor Advisory"
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"url": "https://s3-docs.fd.io/vpp/23.02/",
|
|
|
|
|
"source": "cve@mitre.org",
|
|
|
|
|
"tags": [
|
|
|
|
|
"Product"
|
|
|
|
|
]
|
2024-12-08 03:06:42 +00:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"url": "https://lists.fd.io/g/security-announce/message/2",
|
|
|
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
|
|
|
"tags": [
|
|
|
|
|
"Vendor Advisory"
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"url": "https://s3-docs.fd.io/vpp/23.02/",
|
|
|
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
|
|
|
"tags": [
|
|
|
|
|
"Product"
|
|
|
|
|
]
|
2023-04-24 12:24:31 +02:00
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
