Lucene search

[email protected]CVE-2020-29056

HistoryNov 24, 2020 - 9:15 p.m.

CVE-2020-29056

2020-11-2421:15:11

CWE-78

[email protected]

web.nvd.nist.gov

security

vulnerability

cve-2020-29056

cdata

privilege escalation

tftp

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.8%

JSON

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. One can escape from a shell and acquire root privileges by leveraging the TFTP download configuration.

Affected configurations

NVD

Node

cdatatec72408a_firmwareMatch1.2.2

cdatatec72408a_firmwareMatch2.4.03_000

cdatatec72408a_firmwareMatch2.4.04_001

cdatatec72408a_firmwareMatch2.4.05_000

AND

cdatatec72408aMatch-

Node

cdatatec9008a_firmwareMatch1.2.2

cdatatec9008a_firmwareMatch2.4.03_000

cdatatec9008a_firmwareMatch2.4.04_001

cdatatec9008a_firmwareMatch2.4.05_000

AND

cdatatec9008aMatch-

Node

cdatatec9016a_firmwareMatch1.2.2

cdatatec9016a_firmwareMatch2.4.03_000

cdatatec9016a_firmwareMatch2.4.04_001

cdatatec9016a_firmwareMatch2.4.05_000

AND

cdatatec9016aMatch-

Node

cdatatec92408a_firmwareMatch1.2.2

cdatatec92408a_firmwareMatch2.4.03_000

cdatatec92408a_firmwareMatch2.4.04_001

cdatatec92408a_firmwareMatch2.4.05_000

AND

cdatatec92408aMatch-

Node

cdatatec92416a_firmwareMatch1.2.2

cdatatec92416a_firmwareMatch2.4.03_000

cdatatec92416a_firmwareMatch2.4.04_001

cdatatec92416a_firmwareMatch2.4.05_000

AND

cdatatec92416aMatch-

Node

cdatatec9288_firmwareMatch1.2.2

cdatatec9288_firmwareMatch2.4.03_000

cdatatec9288_firmwareMatch2.4.04_001

cdatatec9288_firmwareMatch2.4.05_000

AND

cdatatec9288Match-

Node

cdatatec97016_firmwareMatch1.2.2

cdatatec97016_firmwareMatch2.4.03_000

cdatatec97016_firmwareMatch2.4.04_001

cdatatec97016_firmwareMatch2.4.05_000

AND

cdatatec97016Match-

Node

cdatatec97024p_firmwareMatch1.2.2

cdatatec97024p_firmwareMatch2.4.03_000

cdatatec97024p_firmwareMatch2.4.04_001

cdatatec97024p_firmwareMatch2.4.05_000

AND

cdatatec97024pMatch-

Node

cdatatec97028p_firmwareMatch1.2.2

cdatatec97028p_firmwareMatch2.4.03_000

cdatatec97028p_firmwareMatch2.4.04_001

cdatatec97028p_firmwareMatch2.4.05_000

AND

cdatatec97028pMatch-

Node

cdatatec97042p_firmwareMatch1.2.2

cdatatec97042p_firmwareMatch2.4.03_000

cdatatec97042p_firmwareMatch2.4.04_001

cdatatec97042p_firmwareMatch2.4.05_000

AND

cdatatec97042pMatch-

Node

cdatatec97084p_firmwareMatch1.2.2

cdatatec97084p_firmwareMatch2.4.03_000

cdatatec97084p_firmwareMatch2.4.04_001

cdatatec97084p_firmwareMatch2.4.05_000

AND

cdatatec97084pMatch-

Node

cdatatec97168p_firmwareMatch1.2.2

cdatatec97168p_firmwareMatch2.4.03_000

cdatatec97168p_firmwareMatch2.4.04_001

cdatatec97168p_firmwareMatch2.4.05_000

AND

cdatatec97168pMatch-

Node

cdatatecfd1002s_firmwareMatch1.2.2

cdatatecfd1002s_firmwareMatch2.4.03_000

cdatatecfd1002s_firmwareMatch2.4.04_001

cdatatecfd1002s_firmwareMatch2.4.05_000

AND

cdatatecfd1002sMatch-

Node

cdatafd1104_firmwareMatch2.4.03_000

cdatatecfd1104_firmwareMatch1.2.2

cdatatecfd1104_firmwareMatch2.4.04_001

cdatatecfd1104_firmwareMatch2.4.05_000

AND

cdatatecfd1104Match-

Node

cdatatecfd1104b_firmwareMatch1.2.2

cdatatecfd1104b_firmwareMatch2.4.03_000

cdatatecfd1104b_firmwareMatch2.4.04_001

cdatatecfd1104b_firmwareMatch2.4.05_000

AND

cdatatecfd1104bMatch-

Node

cdatatecfd1104s_firmwareMatch1.2.2

cdatatecfd1104s_firmwareMatch2.4.03_000

cdatatecfd1104s_firmwareMatch2.4.04_001

cdatatecfd1104s_firmwareMatch2.4.05_000

AND

cdatatecfd1104sMatch-

Node

cdatatecfd1104sn_firmwareMatch1.2.2

cdatatecfd1104sn_firmwareMatch2.4.03_000

cdatatecfd1104sn_firmwareMatch2.4.04_001

cdatatecfd1104sn_firmwareMatch2.4.05_000

AND

cdatatecfd1104snMatch-

Node

cdatatecfd1108s_firmwareMatch1.2.2

cdatatecfd1108s_firmwareMatch2.4.03_000

cdatatecfd1108s_firmwareMatch2.4.04_001

cdatatecfd1108s_firmwareMatch2.4.05_000

AND

cdatatecfd1108sMatch-

Node

cdatatecfd1204s-r2_firmwareMatch1.2.2

cdatatecfd1204s-r2_firmwareMatch2.4.03_000

cdatatecfd1204s-r2_firmwareMatch2.4.04_001

cdatatecfd1204s-r2_firmwareMatch2.4.05_000

AND

cdatatecfd1204s-r2Match-

Node

cdatatecfd1204sn_firmwareMatch1.2.2

cdatatecfd1204sn_firmwareMatch2.4.03_000

cdatatecfd1204sn_firmwareMatch2.4.04_001

cdatatecfd1204sn_firmwareMatch2.4.05_000

AND

cdatatecfd1204snMatch-

Node

cdatatecfd1204sn-r2_firmwareMatch1.2.2

cdatatecfd1204sn-r2_firmwareMatch2.4.03_000

cdatatecfd1204sn-r2_firmwareMatch2.4.04_001

cdatatecfd1204sn-r2_firmwareMatch2.4.05_000

AND

cdatatecfd1204sn-r2Match-

Node

cdatatecfd1208s-r2_firmwareMatch1.2.2

cdatatecfd1208s-r2_firmwareMatch2.4.03_000

cdatatecfd1208s-r2_firmwareMatch2.4.04_001

cdatatecfd1208s-r2_firmwareMatch2.4.05_000

AND

cdatatecfd1208s-r2Match-

Node

cdatatecfd1216s-r1_firmwareMatch1.2.2

cdatatecfd1216s-r1_firmwareMatch2.4.03_000

cdatatecfd1216s-r1_firmwareMatch2.4.04_001

cdatatecfd1216s-r1_firmwareMatch2.4.05_000

AND

cdatatecfd1216s-r1Match-

Node

cdatatecfd1608gs_firmwareMatch1.2.2

cdatatecfd1608gs_firmwareMatch2.4.03_000

cdatatecfd1608gs_firmwareMatch2.4.04_001

cdatatecfd1608gs_firmwareMatch2.4.05_000

AND

cdatatecfd1608gsMatch-

Node

cdatatecfd1608sn_firmwareMatch1.2.2

cdatatecfd1608sn_firmwareMatch2.4.03_000

cdatatecfd1608sn_firmwareMatch2.4.04_001

cdatatecfd1608sn_firmwareMatch2.4.05_000

AND

cdatatecfd1608snMatch-

Node

cdatatecfd1616gs_firmwareMatch1.2.2

cdatatecfd1616gs_firmwareMatch2.4.03_000

cdatatecfd1616gs_firmwareMatch2.4.04_001

cdatatecfd1616gs_firmwareMatch2.4.05_000

AND

cdatatecfd1616gsMatch-

Node

cdatatecfd1616sn_firmwareMatch1.2.2

cdatatecfd1616sn_firmwareMatch2.4.03_000

cdatatecfd1616sn_firmwareMatch2.4.04_001

cdatatecfd1616sn_firmwareMatch2.4.05_000

AND

cdatatecfd1616snMatch-

Node

cdatatecfd8000_firmwareMatch1.2.2

cdatatecfd8000_firmwareMatch2.4.03_000

cdatatecfd8000_firmwareMatch2.4.04_001

cdatatecfd8000_firmwareMatch2.4.05_000

AND

cdatatecfd8000Match-

CPENameOperatorVersion
cdatatec:72408a_firmwarecdatatec 72408a firmwareeq1.2.2
cdatatec:72408a_firmwarecdatatec 72408a firmwareeq2.4.03_000
cdatatec:72408a_firmwarecdatatec 72408a firmwareeq2.4.04_001
cdatatec:72408a_firmwarecdatatec 72408a firmwareeq2.4.05_000

CPE	Name	Operator	Version
cdatatec:72408a_firmware	cdatatec 72408a firmware	eq	1.2.2
cdatatec:72408a_firmware	cdatatec 72408a firmware	eq	2.4.03_000
cdatatec:72408a_firmware	cdatatec 72408a firmware	eq	2.4.04_001
cdatatec:72408a_firmware	cdatatec 72408a firmware	eq	2.4.05_000

References

pierrekim.github.io/blog/2020-07-07-cdata-olt-0day-vulnerabilities.html

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.8%

JSON

Related for CVE-2020-29056

prion1 cvelist1 nvd1