admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-278xx/CVE-2020-27827.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

539 lines
16 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-27827",
"sourceIdentifier": "secalert@redhat.com",
"published": "2021-03-18T17:15:13.510",
"lastModified": "2023-04-20T07:15:06.753",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un fallo en m\u00faltiples versiones de OpenvSwitch. Los paquetes LLDP especialmente dise\u00f1ados pueden causar que una memoria se pierda cuando se asignan datos para manejar TLV opcionales espec\u00edficos, potencialmente causando una denegaci\u00f3n de servicio. La mayor amenaza de esta vulnerabilidad es la disponibilidad del sistema"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lldpd_project:lldpd:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.8",
"matchCriteriaId": "60E35B97-6AAD-4F2D-88E7-D1B235D36E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.0",
"versionEndExcluding": "2.6.9",
"matchCriteriaId": "D7946D64-A914-4DC4-8AFA-E5A4C9415B87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.7.12",
"matchCriteriaId": "FCBC3BDE-1CFE-4275-8F33-BC7D0ECD88BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.8.0",
"versionEndExcluding": "2.8.10",
"matchCriteriaId": "F553884B-6DC9-4DBD-ADD6-B24B8A9FDFBA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.9.0",
"versionEndExcluding": "2.9.8",
"matchCriteriaId": "4A42E11A-8575-40B1-8343-840783E17FD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.10.0",
"versionEndExcluding": "2.10.6",
"matchCriteriaId": "92DE8269-BD35-46B7-B4D0-5C0B5C3B2BE5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.11.0",
"versionEndExcluding": "2.11.5",
"matchCriteriaId": "6AA97E08-3F7E-46CE-B03D-FD06307137A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.12.0",
"versionEndExcluding": "2.12.2",
"matchCriteriaId": "F74931FC-4B61-4EAD-90CD-D095A9BC76B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.13.0",
"versionEndExcluding": "2.13.2",
"matchCriteriaId": "6AACFC3E-4242-4E9E-9AC2-B2E1C700DF0C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.14.0",
"versionEndExcluding": "2.14.1",
"matchCriteriaId": "E22360F8-FD09-4CED-8E62-46916AB17A12"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "932D137F-528B-4526-9A89-CD59FA1AB0FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*",
"matchCriteriaId": "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*",
"matchCriteriaId": "704CFA1A-953E-4105-BFBE-406034B83DED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_hmi_unified_comfort_panels_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17",
"matchCriteriaId": "CAB60054-8FD0-45A4-B7DC-FFF061764B80"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_hmi_unified_comfort_panels:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2921C017-7617-4789-9690-C81EAC4F469D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1243-1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "238D992C-6158-4E31-AE0A-7A9C54B51963"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1243-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65278BA0-3C81-4D81-9801-D7BE3A1D7680"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1243-8_irc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2009C1FA-96D5-413C-9161-0DB55F841088"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1243-8_irc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "350FD323-C876-4C7A-A2E7-4B0660C87F6C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F56E0C04-AEC3-45C8-93E7-FCA3B7F370F6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1542sp-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0602DEEA-AE39-4A44-9D78-6623943DDCD6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_irc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F7747CD-757E-4B36-8F23-7588183948A7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1542sp-1_irc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1EE2F10-A7A6-486F-AE5C-53AE25BAF200"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1543-1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5A494F-2EAB-4647-9A45-5CB0C382E099"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1543-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F56C2BDC-928E-491A-8E7C-F976B3787C7A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1543sp-1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98C894B9-C62A-4689-9DA4-D9A3795B8CE5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1543sp-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "783B50B8-2FB7-4982-88AA-B4F2AD094796"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1545-1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A46FF27-6B0D-4606-9D7B-45912556416F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1545-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1256EB4B-DD8A-4F99-AE69-F74E8F789C63"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:tim_1531_irc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "D5B1898E-CB50-429B-9609-DC27C33C5C37"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1D94BEB-BBFB-4258-9835-87DBBB999239"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:sinumerik_one_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.1",
"matchCriteriaId": "296D097F-C7D2-4D12-8621-E0D1CAE64FA1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:sinumerik_one:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE30FFDF-5494-400D-8F88-954A6B1503B9"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921438",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mitigation",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-941426.pdf",
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3T5XHPOGIPWCRRPJUE6P3HVC5PTSD5JS/",
"source": "secalert@redhat.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JYA4AMJXCNF6UPFG36L2TPPT32C242SP/",
"source": "secalert@redhat.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SKQWHG2SZJZSGC7PXVDAEJYBN7ESDR7D/",
"source": "secalert@redhat.com"
},
{
"url": "https://mail.openvswitch.org/pipermail/ovs-dev/2021-January/379471.html",
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-07",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink