Lucene search

[email protected]CVE-2020-26566

HistoryOct 26, 2020 - 6:15 p.m.

CVE-2020-26566

2020-10-2618:15:00

CWE-125

[email protected]

web.nvd.nist.gov

cve-2020-26566

denial of service

motion-project motion

nvd

vulnerability

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.008 Low

EPSS

Percentile

82.0%

JSON

A Denial of Service condition in Motion-Project Motion 3.2 through 4.3.1 allows remote unauthenticated users to cause a webu.c segmentation fault and kill the main process via a crafted HTTP request.

CPENameOperatorVersion
motion_project:motionmotion project motionle4.3.1

CPE	Name	Operator	Version
motion_project:motion	motion project motion	le	4.3.1

References

github.com/Motion-Project/motion/issues/1227#issuecomment-715927776

github.com/Motion-Project/motion/releases

motion-project.github.io/index.html

security.gentoo.org/glsa/202208-18

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.008 Low

EPSS

Percentile

82.0%

JSON

Related for CVE-2020-26566

nessus2 gentoo1 debiancve1 prion1 osv1 ubuntucve1 freebsd1