mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
532 lines
15 KiB
JSON
532 lines
15 KiB
JSON
{
|
|
"id": "CVE-2020-13245",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2020-05-28T19:15:10.830",
|
|
"lastModified": "2020-05-29T19:05:18.463",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Certain NETGEAR devices are affected by Missing SSL Certificate Validation. This affects R7000 1.0.9.6_1.2.19 through 1.0.11.100_10.2.10, and possibly R6120, R7800, R6220, R8000, R6350, R9000, R6400, RAX120, R6400v2, RBR20, R6800, XR300, R6850, XR500, and R7000P."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una falta de comprobaci\u00f3n del certificado SSL. Esto afecta a R7000 versiones 1.0.9.6_1.2.19 hasta 1.0.11.100_10.2.10, y posiblemente a R6120, R7800, R6220, R8000, R6350, R9000, R6400, RAX120, R6400v2, RBR20, R6800, XR300, R6850, XR500 y R7000P."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "HIGH",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.9,
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
"exploitabilityScore": 2.2,
|
|
"impactScore": 3.6
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 4.3
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-295"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "v1.0.9.6_1.2.19",
|
|
"versionEndIncluding": "v1.0.11.100_10.2.100",
|
|
"matchCriteriaId": "564A93D7-7E58-49AB-8C3C-6DD889CC55F6"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D18D2CCD-424F-41D5-919B-E22B9FA68D36"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "v1.0.9.6_1.2.19",
|
|
"versionEndIncluding": "v1.0.11.100_10.2.100",
|
|
"matchCriteriaId": "2FB936E4-0C1E-4030-B01A-5995DEC7CC69"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B131B5C8-CB7F-433B-BA32-F05CE0E92A66"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:r6350_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "v1.0.9.6_1.2.19",
|
|
"versionEndIncluding": "v1.0.11.100_10.2.100",
|
|
"matchCriteriaId": "EA36C0FA-64FA-4D7D-8E05-5C9DB444FD75"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:r6350:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4B302909-29CF-4E53-9CCB-8664D3FCB03A"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "v1.0.9.6_1.2.19",
|
|
"versionEndIncluding": "v1.0.11.100_10.2.100",
|
|
"matchCriteriaId": "046FEBD8-BFA0-42EC-8549-629A87F812AD"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "v1.0.9.6_1.2.19",
|
|
"versionEndIncluding": "v1.0.11.100_10.2.100",
|
|
"matchCriteriaId": "046FEBD8-BFA0-42EC-8549-629A87F812AD"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "v1.0.9.6_1.2.19",
|
|
"versionEndIncluding": "v1.0.11.100_10.2.100",
|
|
"matchCriteriaId": "83EAF917-6EAC-4812-9A73-33171F0FCA9B"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "09404083-B00B-4C1F-8085-BC242E625CA3"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:r6850_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "v1.0.9.6_1.2.19",
|
|
"versionEndIncluding": "v1.0.11.100_10.2.100",
|
|
"matchCriteriaId": "C1C062A3-4586-488F-A297-2F4A35E79414"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:r6850:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "598B48C5-4706-4431-8C5A-DA496DD1052F"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "v1.0.9.6_1.2.19",
|
|
"versionEndIncluding": "v1.0.11.100_10.2.100",
|
|
"matchCriteriaId": "25BF9DB3-8F6E-474D-A41E-654FEE84F46A"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "v1.0.9.6_1.2.19",
|
|
"versionEndIncluding": "v1.0.11.100_10.2.100",
|
|
"matchCriteriaId": "BBAC8B95-4753-4D4B-91E1-A45E74F854D5"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "v1.0.9.6_1.2.19",
|
|
"versionEndIncluding": "v1.0.11.100_10.2.100",
|
|
"matchCriteriaId": "06D5473F-42E2-498A-ACD9-A0541FCC6E78"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "v1.0.9.6_1.2.19",
|
|
"versionEndIncluding": "v1.0.11.100_10.2.100",
|
|
"matchCriteriaId": "4EE4FF13-CB32-424F-AAB3-D244E774C5C2"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "v1.0.9.6_1.2.19",
|
|
"versionEndIncluding": "v1.0.11.100_10.2.100",
|
|
"matchCriteriaId": "7AFF41D3-8423-40A5-8C74-EA8342543F65"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1742BD56-84E4-40E1-8C04-098B3715161E"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "v1.0.9.6_1.2.19",
|
|
"versionEndIncluding": "v1.0.11.100_10.2.100",
|
|
"matchCriteriaId": "7B52D987-0770-437B-BADD-B848CEC9BB31"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "v1.0.9.6_1.2.19",
|
|
"versionEndIncluding": "v1.0.11.100_10.2.100",
|
|
"matchCriteriaId": "E20F0919-D53E-4E78-B826-A58F46023FD2"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5590CF28-B88A-4755-904B-1BC1778FBEDD"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "v1.0.9.6_1.2.19",
|
|
"versionEndIncluding": "v1.0.11.100_10.2.100",
|
|
"matchCriteriaId": "9A6EFE8E-B700-4367-A1D9-5301B22F94DE"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://iot-lab-fh-ooe.github.io/netgear_update_vulnerability/",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.netgear.com/about/security/",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |