Lucene search

MitreCVE-2019-20648

HistoryApr 15, 2020 - 6:15 p.m.

CVE-2019-20648

2020-04-1518:15:14

mitre

web.nvd.nist.gov

cve-2019-20648

netgear

rn42400

security misconfiguration

nvd

CVSS2

2.7

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:L/Au:S/C:N/I:P/A:N

CVSS3

3.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

AI Score

4.4

Confidence

High

EPSS

Percentile

12.6%

JSON

NETGEAR RN42400 devices before 6.10.2 are affected by incorrect configuration of security settings.

Affected configurations

Nvd

Node

netgearrn42400_firmwareRange<6.10.2

AND

netgearrn42400Match-

VendorProductVersionCPE
netgearrn42400_firmware*cpe:2.3:o:netgear:rn42400_firmware:*:*:*:*:*:*:*:*
netgearrn42400-cpe:2.3:h:netgear:rn42400:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
netgear	rn42400_firmware	*	cpe:2.3:o:netgear:rn42400_firmware::::::::
netgear	rn42400	-	cpe:2.3:h:netgear:rn42400:-:::::::*

References

kb.netgear.com/000061494/Security-Advisory-for-Security-Misconfiguration-on-RN42400-PSV-2019-0205

CVSS2

2.7

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:L/Au:S/C:N/I:P/A:N

CVSS3

3.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

AI Score

4.4

Confidence

High

EPSS

Percentile

12.6%

JSON

Related for CVE-2019-20648