CVE-2020-10754 - It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path an

CVE-2020-10754

Summary

It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a new profile. When a user connects to a network using this profile, the authentication does not happen and the connection is made insecurely.

References

Vulnerable Configurations

cpe:2.3:a:gnome:networkmanager:0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.6.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.6.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.6.5:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.6.5:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.0.97:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.0.97:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.0.98:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.0.98:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.0.99:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.0.99:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.0.100:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.0.100:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.1.997:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.1.997:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.1.998:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.1.998:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.2.995:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.2.995:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.2.996:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.2.996:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.2.997:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.2.997:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.998:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.998:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.999:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.7.999:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.0.997:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.0.997:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.0.998:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.0.998:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.0.999:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.0.999:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.1.997:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.1.997:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.1.998:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.1.998:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.1.999:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.1.999:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.3.995:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.3.995:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.3.996:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.3.996:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.3.997:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.3.997:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.3.998:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.3.998:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.3.999:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.3.999:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.4.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.4.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.5.91:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.5.91:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.5.92:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.5.92:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.5.93:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.5.93:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.6.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.6.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.995:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.995:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.996:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.996:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.997:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.997:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.998:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.998:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.999:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.999:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.9997:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.9997:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.1.90:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.1.90:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.1.95:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.1.95:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.2.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.2.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.3.990:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.3.990:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.3.995:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.3.995:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.3.997:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.3.997:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.4.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.4.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.5.95:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.5.95:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.5.96:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.5.96:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.6.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.6.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.6.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.6.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.7.995:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.7.995:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.7.997:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.7.997:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.8.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.8.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.8.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.8.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.8.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.8.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.8.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.8.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.8.8:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.8.8:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.8.9:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.8.9:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.8.10:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.8.10:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.9.95:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.9.95:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.9.98:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.9.98:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.10.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.10.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.10.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.10.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.10.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.10.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.995.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.995.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.1.90:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.1.90:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.1.91:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.1.91:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.1.92:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.1.92:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.1.93:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.1.93:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.1.94:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.1.94:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.3.90:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.3.90:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.3.91:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.3.91:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.5.90:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.5.90:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.5.91:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.5.91:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.6.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.6.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.7.91:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.7.91:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.7.92:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.7.92:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.8.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.8.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.8.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.8.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.8.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.8.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.8.8:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.8.8:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.9.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.9.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.9.3:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.9.3:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.9.90:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.9.90:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.10.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.10.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.10.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.10.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.10.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.10.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.10.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.10.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.10.8:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.10.8:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.10.10:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.10.10:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.10.14:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.10.14:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.12.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.12.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.12.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.12.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.12.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.12.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.12.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.12.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.14.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.14.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.14.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.14.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.14.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.14.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.14.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.14.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.16.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.16.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.16.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.16.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.16.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.16.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.18.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.18.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.18.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.18.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.18.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.18.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.18.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.18.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.18.8:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.18.8:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.20.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.20.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.20.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.20.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.20.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.20.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.20.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.20.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.20.8:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.20.8:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.20.10:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.20.10:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.20.12:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.20.12:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.22.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.22.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.22.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.22.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.22.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.22.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.22.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.22.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.22.8:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.22.8:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.22.10:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.22.10:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.22.12:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.22.12:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.24.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:1.24.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*

CVSS

Base:	4.0 (as of 02-11-2021 - 17:12)
Impact:
Exploitability:

CWE

CWE-306

CAPEC

Cross Site Request Forgery
An attacker crafts malicious web links and distributes them (via web pages, email, etc.), typically in a targeted manner, hoping to induce users to click on the link and execute the malicious action against some third-party application. If successful, the action embedded in the malicious link will be processed and accepted by the targeted application with the users' privilege level. This type of attack leverages the persistence and implicit trust placed in user session cookies by many web applications today. In such an architecture, once the user authenticates to an application and a session cookie is created on the user's system, all following transactions for that session are authenticated using that cookie including potential actions initiated by an attacker and simply "riding" the existing session cookie.
Choosing Message Identifier
This pattern of attack is defined by the selection of messages distributed over via multicast or public information channels that are intended for another client by determining the parameter value assigned to that client. This attack allows the adversary to gain access to potentially privileged information, and to possibly perpetrate other attacks through the distribution means by impersonation. If the channel/message being manipulated is an input rather than output mechanism for the system, (such as a command bus), this style of attack could be used to change the adversary's identifier to more a privileged one.
Using Unpublished APIs
An adversary searches for and invokes APIs that the target system designers did not intend to be publicly available. If these APIs fail to authenticate requests the attacker may be able to invoke functionality they are not authorized for.
Force the System to Reset Values
An attacker forces the target into a previous state in order to leverage potential weaknesses in the target dependent upon a prior configuration or state-dependent factors. Even in cases where an attacker may not be able to directly control the configuration of the targeted application, they may be able to reset the configuration to a prior state since many applications implement reset functions. Since these functions are usually intended as emergency features to return an application to a stable configuration if the current configuration degrades functionality, they may not be as strongly secured as other configuration options. The resetting of values is dangerous as it may enable undesired functionality, disable services, or modify access controls. At the very least this is a nuisance attack since the administrator will need to re-apply their configuration. At worst, this attack can open avenues for powerful attacks against the application, and, if it isn't obvious that the configuration has been reset, these vulnerabilities may be present a long time before they are notices.

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:L/Au:S/C:P/I:N/A:N

redhat via4

advisories

bugzilla

id	1843357
title	NetworkManager doesn't reconnect after DHCP failure [rhel-8.2.0.z]

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 8 is installed
oval oval:com.redhat.rhba:tst:20193384074

AND

comment NetworkManager is earlier than 1:1.22.8-5.el8_2
oval oval:com.redhat.rhsa:tst:20203011001
comment NetworkManager is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20110930002

AND

comment NetworkManager-adsl is earlier than 1:1.22.8-5.el8_2
oval oval:com.redhat.rhsa:tst:20203011003
comment NetworkManager-adsl is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20152315026

AND

comment NetworkManager-bluetooth is earlier than 1:1.22.8-5.el8_2
oval oval:com.redhat.rhsa:tst:20203011005
comment NetworkManager-bluetooth is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20152315028

AND

comment NetworkManager-cloud-setup is earlier than 1:1.22.8-5.el8_2
oval oval:com.redhat.rhsa:tst:20203011007
comment NetworkManager-cloud-setup is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20203011008

AND

comment NetworkManager-config-connectivity-redhat is earlier than 1:1.22.8-5.el8_2
oval oval:com.redhat.rhsa:tst:20203011009
comment NetworkManager-config-connectivity-redhat is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20203011010

AND

comment NetworkManager-config-server is earlier than 1:1.22.8-5.el8_2
oval oval:com.redhat.rhsa:tst:20203011011
comment NetworkManager-config-server is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20152315032

AND

comment NetworkManager-debugsource is earlier than 1:1.22.8-5.el8_2
oval oval:com.redhat.rhsa:tst:20203011013
comment NetworkManager-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20203011014

AND

comment NetworkManager-dispatcher-routing-rules is earlier than 1:1.22.8-5.el8_2
oval oval:com.redhat.rhsa:tst:20203011015
comment NetworkManager-dispatcher-routing-rules is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20162581034

AND

comment NetworkManager-libnm is earlier than 1:1.22.8-5.el8_2
oval oval:com.redhat.rhsa:tst:20203011017
comment NetworkManager-libnm is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20152315040

AND

comment NetworkManager-libnm-devel is earlier than 1:1.22.8-5.el8_2
oval oval:com.redhat.rhsa:tst:20203011019
comment NetworkManager-libnm-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20152315042

AND

comment NetworkManager-ovs is earlier than 1:1.22.8-5.el8_2
oval oval:com.redhat.rhsa:tst:20203011021
comment NetworkManager-ovs is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20183665020

AND

comment NetworkManager-ppp is earlier than 1:1.22.8-5.el8_2
oval oval:com.redhat.rhsa:tst:20203011023
comment NetworkManager-ppp is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20172299044

AND

comment NetworkManager-team is earlier than 1:1.22.8-5.el8_2
oval oval:com.redhat.rhsa:tst:20203011025
comment NetworkManager-team is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20152315044

AND

comment NetworkManager-tui is earlier than 1:1.22.8-5.el8_2
oval oval:com.redhat.rhsa:tst:20203011027
comment NetworkManager-tui is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20152315046

AND

comment NetworkManager-wifi is earlier than 1:1.22.8-5.el8_2
oval oval:com.redhat.rhsa:tst:20203011029
comment NetworkManager-wifi is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20152315048

AND

comment NetworkManager-wwan is earlier than 1:1.22.8-5.el8_2
oval oval:com.redhat.rhsa:tst:20203011031
comment NetworkManager-wwan is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20152315050

rhsa

id	RHSA-2020:3011
released	2020-07-21
severity	Moderate
title	RHSA-2020:3011: NetworkManager security and bug fix update (Moderate)

bugzilla

id	1841041
title	CVE-2020-10754 NetworkManager: user configuration not honoured leaving the connection unauthenticated via insecure defaults

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 7 is installed
oval oval:com.redhat.rhba:tst:20150364027

AND

comment NetworkManager is earlier than 1:1.18.8-1.el7
oval oval:com.redhat.rhsa:tst:20204003001
comment NetworkManager is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20110930002

AND

comment NetworkManager-adsl is earlier than 1:1.18.8-1.el7
oval oval:com.redhat.rhsa:tst:20204003003
comment NetworkManager-adsl is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20152315026

AND

comment NetworkManager-bluetooth is earlier than 1:1.18.8-1.el7
oval oval:com.redhat.rhsa:tst:20204003005
comment NetworkManager-bluetooth is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20152315028

AND

comment NetworkManager-config-server is earlier than 1:1.18.8-1.el7
oval oval:com.redhat.rhsa:tst:20204003007
comment NetworkManager-config-server is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20152315032

AND

comment NetworkManager-dispatcher-routing-rules is earlier than 1:1.18.8-1.el7
oval oval:com.redhat.rhsa:tst:20204003009
comment NetworkManager-dispatcher-routing-rules is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20162581034

AND

comment NetworkManager-glib is earlier than 1:1.18.8-1.el7
oval oval:com.redhat.rhsa:tst:20204003011
comment NetworkManager-glib is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20110930006

AND

comment NetworkManager-glib-devel is earlier than 1:1.18.8-1.el7
oval oval:com.redhat.rhsa:tst:20204003013
comment NetworkManager-glib-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20110930008

AND

comment NetworkManager-libnm is earlier than 1:1.18.8-1.el7
oval oval:com.redhat.rhsa:tst:20204003015
comment NetworkManager-libnm is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20152315040

AND

comment NetworkManager-libnm-devel is earlier than 1:1.18.8-1.el7
oval oval:com.redhat.rhsa:tst:20204003017
comment NetworkManager-libnm-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20152315042

AND

comment NetworkManager-ovs is earlier than 1:1.18.8-1.el7
oval oval:com.redhat.rhsa:tst:20204003019
comment NetworkManager-ovs is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20183665020

AND

comment NetworkManager-ppp is earlier than 1:1.18.8-1.el7
oval oval:com.redhat.rhsa:tst:20204003021
comment NetworkManager-ppp is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20172299044

AND

comment NetworkManager-team is earlier than 1:1.18.8-1.el7
oval oval:com.redhat.rhsa:tst:20204003023
comment NetworkManager-team is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20152315044

AND

comment NetworkManager-tui is earlier than 1:1.18.8-1.el7
oval oval:com.redhat.rhsa:tst:20204003025
comment NetworkManager-tui is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20152315046

AND

comment NetworkManager-wifi is earlier than 1:1.18.8-1.el7
oval oval:com.redhat.rhsa:tst:20204003027
comment NetworkManager-wifi is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20152315048

AND

comment NetworkManager-wwan is earlier than 1:1.18.8-1.el7
oval oval:com.redhat.rhsa:tst:20204003029
comment NetworkManager-wwan is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20152315050

rhsa

id	RHSA-2020:4003
released	2020-09-29
severity	Moderate
title	RHSA-2020:4003: NetworkManager security and bug fix update (Moderate)

rpms

NetworkManager-1:1.22.8-5.el8_2
NetworkManager-adsl-1:1.22.8-5.el8_2
NetworkManager-adsl-debuginfo-1:1.22.8-5.el8_2
NetworkManager-bluetooth-1:1.22.8-5.el8_2
NetworkManager-bluetooth-debuginfo-1:1.22.8-5.el8_2
NetworkManager-cloud-setup-1:1.22.8-5.el8_2
NetworkManager-cloud-setup-debuginfo-1:1.22.8-5.el8_2
NetworkManager-config-connectivity-redhat-1:1.22.8-5.el8_2
NetworkManager-config-server-1:1.22.8-5.el8_2
NetworkManager-debuginfo-1:1.22.8-5.el8_2
NetworkManager-debugsource-1:1.22.8-5.el8_2
NetworkManager-dispatcher-routing-rules-1:1.22.8-5.el8_2
NetworkManager-libnm-1:1.22.8-5.el8_2
NetworkManager-libnm-debuginfo-1:1.22.8-5.el8_2
NetworkManager-libnm-devel-1:1.22.8-5.el8_2
NetworkManager-ovs-1:1.22.8-5.el8_2
NetworkManager-ovs-debuginfo-1:1.22.8-5.el8_2
NetworkManager-ppp-1:1.22.8-5.el8_2
NetworkManager-ppp-debuginfo-1:1.22.8-5.el8_2
NetworkManager-team-1:1.22.8-5.el8_2
NetworkManager-team-debuginfo-1:1.22.8-5.el8_2
NetworkManager-tui-1:1.22.8-5.el8_2
NetworkManager-tui-debuginfo-1:1.22.8-5.el8_2
NetworkManager-wifi-1:1.22.8-5.el8_2
NetworkManager-wifi-debuginfo-1:1.22.8-5.el8_2
NetworkManager-wwan-1:1.22.8-5.el8_2
NetworkManager-wwan-debuginfo-1:1.22.8-5.el8_2
NetworkManager-1:1.18.8-1.el7
NetworkManager-adsl-1:1.18.8-1.el7
NetworkManager-bluetooth-1:1.18.8-1.el7
NetworkManager-config-server-1:1.18.8-1.el7
NetworkManager-debuginfo-1:1.18.8-1.el7
NetworkManager-dispatcher-routing-rules-1:1.18.8-1.el7
NetworkManager-glib-1:1.18.8-1.el7
NetworkManager-glib-devel-1:1.18.8-1.el7
NetworkManager-libnm-1:1.18.8-1.el7
NetworkManager-libnm-devel-1:1.18.8-1.el7
NetworkManager-ovs-1:1.18.8-1.el7
NetworkManager-ppp-1:1.18.8-1.el7
NetworkManager-team-1:1.18.8-1.el7
NetworkManager-tui-1:1.18.8-1.el7
NetworkManager-wifi-1:1.18.8-1.el7
NetworkManager-wwan-1:1.18.8-1.el7

refmap via4

confirm	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10754
fedora	FEDORA-2020-ace543feff

Last major update

02-11-2021 - 17:12

Published

08-06-2020 - 18:15

Last modified

02-11-2021 - 17:12