Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2020-AVI-375
Vulnerability from certfr_avis
Le 16 juin 2020, des chercheurs ont annoncé la découverte de dix-neuf vulnérabilités dans l'implémentation de la pile TCP/IP de Treck.
Ce composant est utilisé dans de nombreux systèmes embarqués et objets connectés, dont certains équipements médicaux et équipements de contrôle industriel. Les vulnérabilités les plus critiques permettent une exécution de code arbitraire à distance.
Lorsque des vulnérabilités sont découvertes dans un composant d'aussi bas niveau, il est très difficile de compiler une liste exhaustive de produits vulnérables. De plus, la simple présence de ce composant dans un produit n'implique pas forcément que celui-ci est vulnérable, parce que la vulnérabilité a déjà été corrigée ou encore parce que ce composant a été modifié et que la vulnérabilité n'est pas forcément atteignable.
Le CERT Carneggie Mellon ainsi que les chercheurs ont proposé sur leurs sites respectifs une liste de produits vulnérables et certains éditeurs ont déjà communiqué sur le statut de leurs produits (cf. section Documentation).
Parmi les dix-neuf vulnérabilités, les trois les plus critiques sont identifiées comme :
- CVE-2020-11896 : des datagrammes UDP fragmentés sur plusieurs paquets IP peuvent permettre un exécution de code arbitraire à distance ou un déni de service à distance sur des équipements avec une fonction d'IP Tunneling activée ;
- CVE-2020-11897 : des paquets IPv6 mal formés permettent une exécution de code arbitraire à distance [1] ;
- CVE-2020-11901 : une réponse DNS mal formée permet une exécution de code arbitraire à distance.
Si ces vulnérabilités sont jugées critiques, leur impact est atténué par les conditions d’exploitabilité.
Il convient donc de vérifier dans un premier temps si les équipements en bordure de réseau sont dans une configuration vulnérable. Si c'est le cas, il faut alors appliquer les mises à jour si elles sont disponibles ou mettre en œuvre les mesures de contournement.
[mise à jour du 26 octobre 2020] Les avis de sécurité Schneider Electric SEVD-2020-174-01 et SEVD-2020-175-01 ont été mis à jour le 22 octobre 2020 suite à la découverte d'impacts supplémentaires sur les produits Schneider. Des correctifs sont en cours de développement, certains ont déjà été publiés et des mesures de contournement sont identifiées et listées dans les avis à jour.
[1] cette vulnérabilité a été corrigée dans la version 5.0.1.35, sans être accompagnée d'un avis de sécurité à l'époque de sa mise à disposition.
Solution
Se référer au bulletin de sécurité des éditeurs pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "versions de la pile TCP/IP de Treck ant\u00e9rieures \u00e0 6.0.1.66",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 des \u00e9diteurs pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-11913",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11913"
},
{
"name": "CVE-2020-11910",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11910"
},
{
"name": "CVE-2020-11899",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11899"
},
{
"name": "CVE-2020-11908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11908"
},
{
"name": "CVE-2020-11906",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11906"
},
{
"name": "CVE-2020-11914",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11914"
},
{
"name": "CVE-2020-11897",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11897"
},
{
"name": "CVE-2020-11911",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11911"
},
{
"name": "CVE-2020-11900",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11900"
},
{
"name": "CVE-2020-11903",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11903"
},
{
"name": "CVE-2020-11912",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11912"
},
{
"name": "CVE-2020-11901",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11901"
},
{
"name": "CVE-2020-11904",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11904"
},
{
"name": "CVE-2020-11907",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11907"
},
{
"name": "CVE-2020-11905",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11905"
},
{
"name": "CVE-2020-11898",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11898"
},
{
"name": "CVE-2020-11896",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11896"
},
{
"name": "CVE-2020-11909",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11909"
},
{
"name": "CVE-2020-11902",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11902"
}
],
"initial_release_date": "2021-01-08T00:00:00",
"last_revision_date": "2021-01-08T00:00:00",
"links": [
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-11903",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11903"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-11905",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11905"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-174-01 du 22 juin 2020, mis \u00e0 jour le 23 juin 2020 et mis \u00e0 jour le 22 octobre 2020",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-174-01/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-175-01 du 23 juin 2020 mis \u00e0 jour le 22 octobre 2020",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-175-01/"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-11911",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11911"
},
{
"title": "Annonce de Moxa du 30 juin 2020",
"url": "https://www.moxa.com/en/support/support/security-advisory/moxas-response-regarding-the-ripple20-vulnerabilities"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-11902",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11902"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Aruba ARUBA-PSA-2020-006 du 23 juin 2020",
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"title": "Communication de Green Hills Software du 16 juin 2020",
"url": "https://support.ghs.com/psirt/PSA-2020-05/"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-11897",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11897"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Treck du 16 juin 2020",
"url": "https://treck.com/vulnerability-response-information/"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-11908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11908"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-11907",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11907"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-11910",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11910"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2020-0007 du 08 juillet 2020",
"url": "https://security.paloaltonetworks.com/PAN-SA-2020-0007"
},
{
"title": "Communication de Braun du 12 juin 2020",
"url": "https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/Skyline%20Response_Outlook_6.9.2020_FINAL1.pdf"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-11906",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11906"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-11904",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11904"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 HP HPSBPI03666 du 12 juin 2020",
"url": "https://support.hp.com/in-en/document/c06640149"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-treck-ip-stack-JyBQ5GyC du 17 juin 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-11914",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11914"
},
{
"title": "Billet de blogue Ripple20 du 16 juin 2020",
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-11898",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11898"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-11912",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11912"
},
{
"title": "Avis de s\u00e9curit\u00e9 du CERT Carnegie Mellon du 16 juin 2020",
"url": "https://kb.cert.org/vuls/id/257161"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-11900",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11900"
},
{
"title": "Avis de s\u00e9curit\u00e9 ICS-CERT ICSA-20-168-01 du 16 juin 2020",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-168-01"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-11909",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11909"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-11901",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11901"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-11913",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11913"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-11896",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11896"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2020-11899",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11899"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-168-01 du 22 juin 2020, mis \u00e0 jour le 23 juin 2020",
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SESB-2020-168-01_Treck_Vulnerabilities_Security_Bulletin.pdf\u0026p_Doc_Ref=SESB-2020-168-01"
}
],
"reference": "CERTFR-2020-AVI-375",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-01-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Le 16 juin 2020, des chercheurs ont annonc\u00e9 la d\u00e9couverte de dix-neuf\nvuln\u00e9rabilit\u00e9s dans l\u0027impl\u00e9mentation de la pile TCP/IP de Treck.\n\nCe composant est utilis\u00e9 dans de nombreux syst\u00e8mes embarqu\u00e9s et objets\nconnect\u00e9s, dont certains \u00e9quipements m\u00e9dicaux et \u00e9quipements de contr\u00f4le\nindustriel. Les vuln\u00e9rabilit\u00e9s les plus critiques permettent une\nex\u00e9cution de code arbitraire \u00e0 distance.\n\nLorsque des vuln\u00e9rabilit\u00e9s sont d\u00e9couvertes dans un composant d\u0027aussi\nbas niveau, il est tr\u00e8s difficile de compiler une liste exhaustive de\nproduits vuln\u00e9rables. De plus, la simple pr\u00e9sence de ce composant dans\nun produit n\u0027implique pas forc\u00e9ment que celui-ci est vuln\u00e9rable, parce\nque la vuln\u00e9rabilit\u00e9 a d\u00e9j\u00e0 \u00e9t\u00e9 corrig\u00e9e ou encore parce que ce\ncomposant a \u00e9t\u00e9 modifi\u00e9 et que la vuln\u00e9rabilit\u00e9 n\u0027est pas forc\u00e9ment\natteignable.\n\nLe CERT Carneggie Mellon ainsi que les chercheurs ont propos\u00e9 sur leurs\nsites respectifs une liste de produits vuln\u00e9rables et certains \u00e9diteurs\nont d\u00e9j\u00e0 communiqu\u00e9 sur le statut de leurs produits (cf. section\nDocumentation).\n\nParmi les dix-neuf vuln\u00e9rabilit\u00e9s, les trois les plus critiques sont\nidentifi\u00e9es comme :\n\n- CVE-2020-11896 : des datagrammes UDP fragment\u00e9s sur plusieurs\n paquets IP peuvent permettre un ex\u00e9cution de code arbitraire \u00e0\n distance ou un d\u00e9ni de service \u00e0 distance sur des \u00e9quipements avec\n une fonction d\u0027IP Tunneling activ\u00e9e ;\n- CVE-2020-11897 : des paquets IPv6 mal form\u00e9s permettent une\n ex\u00e9cution de code arbitraire \u00e0 distance \\[1\\] ;\n- CVE-2020-11901 : une r\u00e9ponse DNS mal form\u00e9e permet une ex\u00e9cution de\n code arbitraire \u00e0 distance.\n\nSi ces vuln\u00e9rabilit\u00e9s sont jug\u00e9es critiques, leur impact est att\u00e9nu\u00e9 par\nles conditions d\u2019exploitabilit\u00e9.\n\nIl convient donc de v\u00e9rifier dans un premier temps si les \u00e9quipements en\nbordure de r\u00e9seau sont dans une configuration vuln\u00e9rable. Si c\u0027est le\ncas, il faut alors appliquer les mises \u00e0 jour si elles sont disponibles\nou mettre en \u0153uvre les mesures de contournement.\n\n\u003cstrong\u003e\\[mise \u00e0 jour du 26 octobre 2020\\]\u003c/strong\u003e Les avis de s\u00e9curit\u00e9 Schneider\nElectric SEVD-2020-174-01 et SEVD-2020-175-01 ont \u00e9t\u00e9 mis \u00e0 jour le 22\noctobre 2020 suite \u00e0 la d\u00e9couverte d\u0027impacts suppl\u00e9mentaires sur les\nproduits Schneider. Des correctifs sont en cours de d\u00e9veloppement,\ncertains ont d\u00e9j\u00e0 \u00e9t\u00e9 publi\u00e9s et des mesures de contournement sont\nidentifi\u00e9es et list\u00e9es dans les avis \u00e0 jour.\n\n\u00a0\n\n\\[1\\] cette vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans la version 5.0.1.35, sans\n\u00eatre accompagn\u00e9e d\u0027un avis de s\u00e9curit\u00e9 \u00e0 l\u0027\u00e9poque de sa mise \u00e0\ndisposition.\n",
"title": "[M\u00e0J] Multiples vuln\u00e9rabilit\u00e9s dans la pile TCP/IP de Treck",
"vendor_advisories": []
}
CVE-2020-11903 (GCVE-0-2020-11903)
Vulnerability from cvelistv5
Published
2020-06-17 10:37
Modified
2024-08-04 11:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Treck TCP/IP stack before 6.0.1.28 has a DHCP Out-of-bounds Read.
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Treck TCP/IP stack before 6.0.1.28 has a DHCP Out-of-bounds Read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-22T00:09:26",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11903",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Treck TCP/IP stack before 6.0.1.28 has a DHCP Out-of-bounds Read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/257161/",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"name": "https://www.treck.com",
"refsource": "MISC",
"url": "https://www.treck.com"
},
{
"name": "https://jsof-tech.com/vulnerability-disclosure-policy/",
"refsource": "MISC",
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"name": "https://www.jsof-tech.com/ripple20/",
"refsource": "MISC",
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200625-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"name": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11903",
"datePublished": "2020-06-17T10:37:56",
"dateReserved": "2020-04-19T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11901 (GCVE-0-2020-11901)
Vulnerability from cvelistv5
Published
2020-06-17 10:34
Modified
2024-08-04 11:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response.
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.815Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-22T00:06:35",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11901",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/257161/",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"name": "https://www.treck.com",
"refsource": "MISC",
"url": "https://www.treck.com"
},
{
"name": "https://jsof-tech.com/vulnerability-disclosure-policy/",
"refsource": "MISC",
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"name": "https://www.jsof-tech.com/ripple20/",
"refsource": "MISC",
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"name": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11901",
"datePublished": "2020-06-17T10:34:01",
"dateReserved": "2020-04-19T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11914 (GCVE-0-2020-11914)
Vulnerability from cvelistv5
Published
2020-06-17 10:59
Modified
2024-08-04 11:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read.
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-22T00:28:36",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11914",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/257161/",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"name": "https://www.treck.com",
"refsource": "MISC",
"url": "https://www.treck.com"
},
{
"name": "https://jsof-tech.com/vulnerability-disclosure-policy/",
"refsource": "MISC",
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"name": "https://www.jsof-tech.com/ripple20/",
"refsource": "MISC",
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200625-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"name": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"name": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11914",
"datePublished": "2020-06-17T10:59:51",
"dateReserved": "2020-04-19T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11904 (GCVE-0-2020-11904)
Vulnerability from cvelistv5
Published
2020-06-17 10:41
Modified
2025-09-30 14:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes an Out-of-Bounds Write.
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-11904",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-30T14:49:41.242680Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T14:49:48.244Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes an Out-of-Bounds Write."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-22T00:10:30.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11904",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes an Out-of-Bounds Write."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/257161/",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"name": "https://www.treck.com",
"refsource": "MISC",
"url": "https://www.treck.com"
},
{
"name": "https://jsof-tech.com/vulnerability-disclosure-policy/",
"refsource": "MISC",
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"name": "https://www.jsof-tech.com/ripple20/",
"refsource": "MISC",
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200625-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"name": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11904",
"datePublished": "2020-06-17T10:41:12.000Z",
"dateReserved": "2020-04-19T00:00:00.000Z",
"dateUpdated": "2025-09-30T14:49:48.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11913 (GCVE-0-2020-11913)
Vulnerability from cvelistv5
Published
2020-06-17 10:58
Modified
2024-08-04 11:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read.
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-22T00:27:47",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11913",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/257161/",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"name": "https://www.treck.com",
"refsource": "MISC",
"url": "https://www.treck.com"
},
{
"name": "https://jsof-tech.com/vulnerability-disclosure-policy/",
"refsource": "MISC",
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"name": "https://www.jsof-tech.com/ripple20/",
"refsource": "MISC",
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200625-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"name": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11913",
"datePublished": "2020-06-17T10:58:24",
"dateReserved": "2020-04-19T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11896 (GCVE-0-2020-11896)
Vulnerability from cvelistv5
Published
2020-06-17 10:21
Modified
2024-08-04 11:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.799Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-631949.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-21T23:54:33",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-631949.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11896",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/257161/",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"name": "https://www.treck.com",
"refsource": "MISC",
"url": "https://www.treck.com"
},
{
"name": "https://jsof-tech.com/vulnerability-disclosure-policy/",
"refsource": "MISC",
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"name": "https://www.jsof-tech.com/ripple20/",
"refsource": "MISC",
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200625-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-631949.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-631949.pdf"
},
{
"name": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"name": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11896",
"datePublished": "2020-06-17T10:21:31",
"dateReserved": "2020-04-19T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11906 (GCVE-0-2020-11906)
Vulnerability from cvelistv5
Published
2020-06-17 10:44
Modified
2024-08-04 11:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Integer Underflow.
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.303Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Integer Underflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-22T00:19:22",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11906",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Integer Underflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/257161/",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"name": "https://www.treck.com",
"refsource": "MISC",
"url": "https://www.treck.com"
},
{
"name": "https://jsof-tech.com/vulnerability-disclosure-policy/",
"refsource": "MISC",
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"name": "https://www.jsof-tech.com/ripple20/",
"refsource": "MISC",
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200625-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"name": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"name": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11906",
"datePublished": "2020-06-17T10:44:58",
"dateReserved": "2020-04-19T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11905 (GCVE-0-2020-11905)
Vulnerability from cvelistv5
Published
2020-06-17 10:43
Modified
2024-08-04 11:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Treck TCP/IP stack before 6.0.1.66 has a DHCPv6 Out-of-bounds Read.
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.675Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Treck TCP/IP stack before 6.0.1.66 has a DHCPv6 Out-of-bounds Read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-22T00:11:51",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11905",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Treck TCP/IP stack before 6.0.1.66 has a DHCPv6 Out-of-bounds Read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/257161/",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"name": "https://www.treck.com",
"refsource": "MISC",
"url": "https://www.treck.com"
},
{
"name": "https://jsof-tech.com/vulnerability-disclosure-policy/",
"refsource": "MISC",
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
},
{
"name": "VU#257161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"name": "https://www.jsof-tech.com/ripple20/",
"refsource": "MISC",
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200625-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"name": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11905",
"datePublished": "2020-06-17T10:43:14",
"dateReserved": "2020-04-19T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.675Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11912 (GCVE-0-2020-11912)
Vulnerability from cvelistv5
Published
2020-06-17 10:56
Modified
2024-08-04 11:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read.
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.825Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-22T00:27:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11912",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/257161/",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"name": "https://www.treck.com",
"refsource": "MISC",
"url": "https://www.treck.com"
},
{
"name": "https://jsof-tech.com/vulnerability-disclosure-policy/",
"refsource": "MISC",
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"name": "https://www.jsof-tech.com/ripple20/",
"refsource": "MISC",
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200625-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"name": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"name": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11912",
"datePublished": "2020-06-17T10:56:38",
"dateReserved": "2020-04-19T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.825Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11898 (GCVE-0-2020-11898)
Vulnerability from cvelistv5
Published
2020-06-17 10:26
Modified
2024-08-04 11:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Treck TCP/IP stack before 6.0.1.66 improperly handles an IPv4/ICMPv4 Length Parameter Inconsistency, which might allow remote attackers to trigger an information leak.
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Treck TCP/IP stack before 6.0.1.66 improperly handles an IPv4/ICMPv4 Length Parameter Inconsistency, which might allow remote attackers to trigger an information leak."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-21T23:58:33",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11898",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Treck TCP/IP stack before 6.0.1.66 improperly handles an IPv4/ICMPv4 Length Parameter Inconsistency, which might allow remote attackers to trigger an information leak."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/257161/",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"name": "https://www.treck.com",
"refsource": "MISC",
"url": "https://www.treck.com"
},
{
"name": "https://jsof-tech.com/vulnerability-disclosure-policy/",
"refsource": "MISC",
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"name": "https://www.jsof-tech.com/ripple20/",
"refsource": "MISC",
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200625-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"name": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"name": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11898",
"datePublished": "2020-06-17T10:26:18",
"dateReserved": "2020-04-19T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11911 (GCVE-0-2020-11911)
Vulnerability from cvelistv5
Published
2020-06-17 10:55
Modified
2024-08-04 11:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Treck TCP/IP stack before 6.0.1.66 has Improper ICMPv4 Access Control.
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Treck TCP/IP stack before 6.0.1.66 has Improper ICMPv4 Access Control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-22T00:23:56",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11911",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Treck TCP/IP stack before 6.0.1.66 has Improper ICMPv4 Access Control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/257161/",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"name": "https://www.treck.com",
"refsource": "MISC",
"url": "https://www.treck.com"
},
{
"name": "https://jsof-tech.com/vulnerability-disclosure-policy/",
"refsource": "MISC",
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"name": "https://www.jsof-tech.com/ripple20/",
"refsource": "MISC",
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200625-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"name": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"name": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11911",
"datePublished": "2020-06-17T10:55:05",
"dateReserved": "2020-04-19T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11897 (GCVE-0-2020-11897)
Vulnerability from cvelistv5
Published
2020-06-17 10:23
Modified
2024-08-04 11:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets.
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.687Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-21T23:57:24",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11897",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/257161/",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"name": "https://www.treck.com",
"refsource": "MISC",
"url": "https://www.treck.com"
},
{
"name": "https://jsof-tech.com/vulnerability-disclosure-policy/",
"refsource": "MISC",
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"name": "https://www.jsof-tech.com/ripple20/",
"refsource": "MISC",
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"name": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11897",
"datePublished": "2020-06-17T10:23:22",
"dateReserved": "2020-04-19T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11907 (GCVE-0-2020-11907)
Vulnerability from cvelistv5
Published
2020-06-17 10:47
Modified
2024-08-04 11:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Treck TCP/IP stack before 6.0.1.66 improperly handles a Length Parameter Inconsistency in TCP.
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.826Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Treck TCP/IP stack before 6.0.1.66 improperly handles a Length Parameter Inconsistency in TCP."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-22T00:20:08",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11907",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Treck TCP/IP stack before 6.0.1.66 improperly handles a Length Parameter Inconsistency in TCP."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/257161/",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"name": "https://www.treck.com",
"refsource": "MISC",
"url": "https://www.treck.com"
},
{
"name": "https://jsof-tech.com/vulnerability-disclosure-policy/",
"refsource": "MISC",
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"name": "https://www.jsof-tech.com/ripple20/",
"refsource": "MISC",
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200625-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"name": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"name": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11907",
"datePublished": "2020-06-17T10:47:17",
"dateReserved": "2020-04-19T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11902 (GCVE-0-2020-11902)
Vulnerability from cvelistv5
Published
2020-06-17 10:36
Modified
2024-08-04 11:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read.
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.332Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-22T00:07:37",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11902",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/257161/",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"name": "https://www.treck.com",
"refsource": "MISC",
"url": "https://www.treck.com"
},
{
"name": "https://jsof-tech.com/vulnerability-disclosure-policy/",
"refsource": "MISC",
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"name": "https://www.jsof-tech.com/ripple20/",
"refsource": "MISC",
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200625-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"name": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11902",
"datePublished": "2020-06-17T10:36:19",
"dateReserved": "2020-04-19T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11899 (GCVE-0-2020-11899)
Vulnerability from cvelistv5
Published
2020-06-17 10:27
Modified
2025-07-30 01:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cwe.mitre.org/data/definitions/125.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-11899",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T19:52:23.602712Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11899"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:45:40.297Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2022-03-03T00:00:00+00:00",
"value": "CVE-2020-11899 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-10T20:15:50.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cwe.mitre.org/data/definitions/125.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11899",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cwe.mitre.org/data/definitions/125.html",
"refsource": "MISC",
"url": "https://cwe.mitre.org/data/definitions/125.html"
},
{
"name": "https://www.kb.cert.org/vuls/id/257161/",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"name": "https://www.treck.com",
"refsource": "MISC",
"url": "https://www.treck.com"
},
{
"name": "https://jsof-tech.com/vulnerability-disclosure-policy/",
"refsource": "MISC",
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
},
{
"name": "VU#257161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"name": "https://www.jsof-tech.com/ripple20/",
"refsource": "MISC",
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200625-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"name": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11899",
"datePublished": "2020-06-17T10:27:59.000Z",
"dateReserved": "2020-04-19T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:45:40.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11910 (GCVE-0-2020-11910)
Vulnerability from cvelistv5
Published
2020-06-17 10:52
Modified
2025-09-30 15:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Treck TCP/IP stack before 6.0.1.66 has an ICMPv4 Out-of-bounds Read.
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.800Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-11910",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-30T15:49:31.482628Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T15:49:44.342Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Treck TCP/IP stack before 6.0.1.66 has an ICMPv4 Out-of-bounds Read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-22T00:23:04.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11910",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Treck TCP/IP stack before 6.0.1.66 has an ICMPv4 Out-of-bounds Read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/257161/",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"name": "https://www.treck.com",
"refsource": "MISC",
"url": "https://www.treck.com"
},
{
"name": "https://jsof-tech.com/vulnerability-disclosure-policy/",
"refsource": "MISC",
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"name": "https://www.jsof-tech.com/ripple20/",
"refsource": "MISC",
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200625-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"name": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11910",
"datePublished": "2020-06-17T10:52:48.000Z",
"dateReserved": "2020-04-19T00:00:00.000Z",
"dateUpdated": "2025-09-30T15:49:44.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11900 (GCVE-0-2020-11900)
Vulnerability from cvelistv5
Published
2020-06-17 10:30
Modified
2024-08-04 11:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.626Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-22T00:05:32",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11900",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/257161/",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"name": "https://www.treck.com",
"refsource": "MISC",
"url": "https://www.treck.com"
},
{
"name": "https://jsof-tech.com/vulnerability-disclosure-policy/",
"refsource": "MISC",
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html"
},
{
"name": "VU#257161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"name": "https://www.jsof-tech.com/ripple20/",
"refsource": "MISC",
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200625-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"name": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04012en_us"
},
{
"name": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11900",
"datePublished": "2020-06-17T10:30:24",
"dateReserved": "2020-04-19T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11908 (GCVE-0-2020-11908)
Vulnerability from cvelistv5
Published
2020-06-17 10:49
Modified
2024-08-04 11:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Treck TCP/IP stack before 4.7.1.27 mishandles '\0' termination in DHCP.
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.840Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Treck TCP/IP stack before 4.7.1.27 mishandles \u0027\\0\u0027 termination in DHCP."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-22T00:21:24",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11908",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Treck TCP/IP stack before 4.7.1.27 mishandles \u0027\\0\u0027 termination in DHCP."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/257161/",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"name": "https://www.treck.com",
"refsource": "MISC",
"url": "https://www.treck.com"
},
{
"name": "https://jsof-tech.com/vulnerability-disclosure-policy/",
"refsource": "MISC",
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"name": "https://www.jsof-tech.com/ripple20/",
"refsource": "MISC",
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200625-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"name": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11908",
"datePublished": "2020-06-17T10:49:17",
"dateReserved": "2020-04-19T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11909 (GCVE-0-2020-11909)
Vulnerability from cvelistv5
Published
2020-06-17 10:51
Modified
2025-09-30 15:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Treck TCP/IP stack before 6.0.1.66 has an IPv4 Integer Underflow.
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.743Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-11909",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-30T15:51:45.294712Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "CWE-191 Integer Underflow (Wrap or Wraparound)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T15:52:16.737Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Treck TCP/IP stack before 6.0.1.66 has an IPv4 Integer Underflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-22T00:22:13.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.treck.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11909",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Treck TCP/IP stack before 6.0.1.66 has an IPv4 Integer Underflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/257161/",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/257161/"
},
{
"name": "https://www.treck.com",
"refsource": "MISC",
"url": "https://www.treck.com"
},
{
"name": "https://jsof-tech.com/vulnerability-disclosure-policy/",
"refsource": "MISC",
"url": "https://jsof-tech.com/vulnerability-disclosure-policy/"
},
{
"name": "VU#257161",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/257161"
},
{
"name": "https://www.jsof-tech.com/ripple20/",
"refsource": "MISC",
"url": "https://www.jsof-tech.com/ripple20/"
},
{
"name": "20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200625-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200625-0006/"
},
{
"name": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11909",
"datePublished": "2020-06-17T10:51:09.000Z",
"dateReserved": "2020-04-19T00:00:00.000Z",
"dateUpdated": "2025-09-30T15:52:16.737Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…