7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:P/I:N/A:C
0.005 Low
EPSS
Percentile
77.2%
The Universal Plug and Play (UPnP) protocol in effect prior to April 17, 2020 can be abused to send traffic to arbitrary destinations using the SUBSCRIBE functionality.
The UPnP protocol, as specified by the Open Connectivity Foundation (OCF), is designed to provide automatic discovery and interaction with devices on a network. The UPnP protocol is designed to be used in a trusted local area network (LAN) and the protocol does not implement any form of authentication or verification.
Many common Internet-connected devices support UPnP, as noted in previous research from Daniel Garcia (VU#357851) and Rapid7. Garcia presented at DEFCON 2019 and published a scanning and portmapping tool. The UPnP Device Protection service was not widely adopted.
A vulnerability in the UPnP SUBSCRIBE capability permits an attacker to send large amounts of data to arbitrary destinations accessible over the Internet, which could lead to a Distributed Denial of Service (DDoS), data exfiltration, and other unexpected network behavior. The OCF has updated the UPnP specification to address this issue. This vulnerability has been assigned CVE-2020-12695 and is also known as Call Stranger.
Although offering UPnP services on the Internet is generally considered to be a misconfiguration, a number of devices are still available over the Internet according to a recent Shodan scan.
A remote, unauthenticated attacker may be able to abuse the UPnP SUBSCRIBE capability to send traffic to arbitrary destinations, leading to amplified DDoS attacks and data exfiltration. In general, making UPnP available over the the Internet can pose further security vulnerabilities than the one described in this vulnerability note.
A number of devices have been identified as vulnerable by the security researcher and have been posted at the CallStranger website. There is more information on affected devices in Tenable’s blog on cve-2020-12695.
Vendors are urged to implement the updated specification provided by the OCF… Users should monitor vendor support channels for updates that implement the new SUBSCRIBE specification.
Disable the UPnP protocol on Internet-accessible interfaces. Device manufacturers are urged to disable the UPnP SUBSCRIBE capability in their default configuration and to require users to explicitly enable SUBSCRIBE with any appropriate network restrictions to limit its usage to a trusted local area network.
This Surricata IDS rule looks for any HTTP SUBSCRIBE request to what is likely to be an external network (i.e., not RFC1918 and RFC4193 addresses). Network administrators and ISPs can deploy this signature at the Internet access point to detect any anomalous SUBSCRIBE requests reaching their users.
alert http any any -> ![fd00::/8,192.168.0.0/16,10.0.0.0/8,172.16.0.0/12] any (msg:"UPnP SUBSCRIBE request seen to external network VU#339275: CVE- 2020-12695 https://kb.cert.org "; content: "subscribe"; nocase; http_method; sid:1367339275;)
This vulnerability was reported by Yunus Çadirci from EY Turkey.
This document was written by Vijay Sarvepalli.
339275
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Updated: 2020-06-29 CVE-2020-12695 | Affected |
---|
We have not received a statement from the vendor.
Open Connectivity Foundation has updated their specification and published in the bulletin, see references.
Notified: 2020-06-17 Updated: 2020-06-29
Statement Date: June 22, 2020
CVE-2020-12695 | Affected |
---|
Please refer to Synology-SA-20:13
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Affected |
---|
Zyxel security team confirms that Zyxel’s VMG8324-B10A has the default firewall rule to block UPnP traffic from WAN since its first firmware V1.00(AAKL.0)C0 released in May 2013. However, if users intentionally disable the firewall feature, it could be vulnerable.
Users are urged to not disable firewall to reduce the impact of this vulnerability from the WAN interface. Check Zyxel advisories for regular updates.
Updated: 2020-06-29 CVE-2020-12695 | Affected |
---|
We have not received a statement from the vendor.
HostAP has released a statement and patches, see the References section for details.
Updated: 2020-07-02 CVE-2020-12695 | Not Affected |
---|
None of the Ruckus products are vulnerable to CVE-2020-12695
Commscope acquired Arris and Ruckus Wireless. Announcements may be duplicated in the brand named vendor sections.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Not Affected |
---|
In NCOS, UPnP Gateway is disabled and the zone-based firewall is configured with an explicit deny for unsolicited inbound traffic by default
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Not Affected |
---|
LANCOM Systems products are not vulnerable to these vulnerabilities.
Notified: 2020-07-06 Updated: 2020-06-29
Statement Date: July 07, 2020
CVE-2020-12695 | Not Affected |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Not Affected |
---|
None of the Ruckus products are vulnerable to CVE-2020-12695
Please note that Commscope acquired Ruckus Wireless in 2019. You may see future advisory under Commscope.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Not Affected |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-06-29 Updated: 2020-07-02 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-05-05 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 | Unknown |
---|
We have not received a statement from the vendor.
View all 194 vendors __View less vendors __
CVE IDs: | CVE-2020-12695 |
---|---|
Date Public: | 2020-06-08 Date First Published: |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:P/I:N/A:C
0.005 Low
EPSS
Percentile
77.2%