Lucene search

[email protected]CVE-2020-13135

HistoryMay 18, 2020 - 5:15 p.m.

CVE-2020-13135

2020-05-1817:15:10

CWE-327

[email protected]

web.nvd.nist.gov

cve-2020-13135

d-link

dsp-w215

info disclosure

squid proxy

nvd

3.3 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:N/A:N

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.9%

JSON

D-Link DSP-W215 1.26b03 devices allow information disclosure by intercepting messages on the local network, as demonstrated by a Squid Proxy.

Affected configurations

NVD

Node

dlinkdsp-w215_firmwareMatch1.26b03

AND

dlinkdsp-w215Matcha1

CPENameOperatorVersion
dlink:dsp-w215_firmwaredlink dsp-w215 firmwareeq1.26b03

CPE	Name	Operator	Version
dlink:dsp-w215_firmware	dlink dsp-w215 firmware	eq	1.26b03

References

supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10172

3.3 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:N/A:N

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.9%

JSON

Related for CVE-2020-13135

prion1 cvelist1 nvd1