Lucene search

K
cve[email protected]CVE-2020-13245
HistoryMay 28, 2020 - 7:15 p.m.

CVE-2020-13245

2020-05-2819:15:10
CWE-295
web.nvd.nist.gov
66
netgear
missing ssl certificate validation
cve-2020-13245
r7000
r6120
r7800
r6220
r8000
r6350
r9000
r6400
rax120
r6400v2
rbr20
r6800
xr300
r6850
xr500
r7000p
nvd

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

49.9%

Certain NETGEAR devices are affected by Missing SSL Certificate Validation. This affects R7000 1.0.9.6_1.2.19 through 1.0.11.100_10.2.10, and possibly R6120, R7800, R6220, R8000, R6350, R9000, R6400, RAX120, R6400v2, RBR20, R6800, XR300, R6850, XR500, and R7000P.

Affected configurations

NVD
Node
netgearr6120_firmwareRangev1.0.9.6_1.2.19v1.0.11.100_10.2.100
AND
netgearr6120Match-
Node
netgearr6220_firmwareRangev1.0.9.6_1.2.19v1.0.11.100_10.2.100
AND
netgearr6220Match-
Node
netgearr6350_firmwareRangev1.0.9.6_1.2.19v1.0.11.100_10.2.100
AND
netgearr6350Match-
Node
netgearr6400_firmwareRangev1.0.9.6_1.2.19v1.0.11.100_10.2.100
AND
netgearr6400Match-
Node
netgearr6400_firmwareRangev1.0.9.6_1.2.19v1.0.11.100_10.2.100
AND
netgearr6400Matchv2
Node
netgearr6800_firmwareRangev1.0.9.6_1.2.19v1.0.11.100_10.2.100
AND
netgearr6800Match-
Node
netgearr6850_firmwareRangev1.0.9.6_1.2.19v1.0.11.100_10.2.100
AND
netgearr6850Match-
Node
netgearr7000p_firmwareRangev1.0.9.6_1.2.19v1.0.11.100_10.2.100
AND
netgearr7000pMatch-
Node
netgearr7800_firmwareRangev1.0.9.6_1.2.19v1.0.11.100_10.2.100
AND
netgearr7800Match-
Node
netgearr8000_firmwareRangev1.0.9.6_1.2.19v1.0.11.100_10.2.100
AND
netgearr8000Match-
Node
netgearr9000_firmwareRangev1.0.9.6_1.2.19v1.0.11.100_10.2.100
AND
netgearr9000Match-
Node
netgearrax120_firmwareRangev1.0.9.6_1.2.19v1.0.11.100_10.2.100
AND
netgearrax120Match-
Node
netgearrbr20_firmwareRangev1.0.9.6_1.2.19v1.0.11.100_10.2.100
AND
netgearrbr20Match-
Node
netgearxr300_firmwareRangev1.0.9.6_1.2.19v1.0.11.100_10.2.100
AND
netgearxr300Match-
Node
netgearxr500_firmwareRangev1.0.9.6_1.2.19v1.0.11.100_10.2.100
AND
netgearxr500Match-

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

49.9%

Related for CVE-2020-13245