K63525058: cURL vulnerability CVE-2020-8284

🗓️ 21 Feb 2023 18:53:12Reported by f5Type

f5🔗 my.f5.com👁 50 Views

cURL vulnerability CVE-2020-8284 - Malicious FTP server tricking cURL into revealing private informatio

Reporter	Title	Published	Views	Family All 192
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Curl affect PowerSC (CVE-2020-8284, CVE-2020-8285, and CVE-2020-8286)	15 Mar 202117:09	–	ibm
IBM Security Bulletins	Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to several CVEs	19 Oct 202115:38	–	ibm
IBM Security Bulletins	Security Bulletin: cURL libcurl vulnerabilites impacting Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint 4.0 and earlier (CVE-2020-8284, CVE-2020-8286, CVE-2020-8285)	4 Jun 202116:40	–	ibm
IBM Security Bulletins	Security Bulletin: cURL libcurl vulnerabilites impacting Aspera High-Speed Transfer Server, Aspera High-Speed Transfer Endpoint, Aspera Desktop Client 4.0 and earlier (CVE-2020-8284, CVE-2020-8286, CVE-2020-8285)	4 Jun 202101:09	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ is affected by a vulnerability within libcurl (CVE-2020-8284)	19 May 202111:57	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities	3 Dec 202118:52	–	ibm
IBM Security Bulletins	Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - curl (Multiple CVEs)	22 Apr 202212:50	–	ibm
FreeBSD	cURL -- Multiple vulnerabilities	9 Dec 202000:00	–	freebsd
Tenable Nessus	Amazon Linux 2 : curl (ALAS-2021-1693)	6 Aug 202100:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0078: curl (ALINUX3-SA-2021:0078)	14 May 202500:00	–	nessus

Vulners

Node

f5 big-ip_ltmRange16.0.0–16.0.1

OR

f5 big-ip_aamRange16.0.0–16.0.1

OR

f5 big-ip_advanced_wafRange16.0.0–16.0.1

OR

f5 big-ip_afmRange16.0.0–16.0.1

OR

f5 big-ip_analyticsRange16.0.0–16.0.1

OR

f5 big-ip_apmRange16.0.0–16.0.1

OR

f5 big-ip_asmRange16.0.0–16.0.1

OR

f5 big-ip_ddhdRange16.0.0–16.0.1

OR

f5 big-ip_dnsRange16.0.0–16.0.1

OR

f5 big-ip_fpsRange16.0.0–16.0.1

OR

f5 big-ip_gtmRange16.0.0–16.0.1

OR

f5 big-ip_link_controllerRange16.0.0–16.0.1

OR

f5 big-ip_pemRange16.0.0–16.0.1

OR

f5 big-ip_ssloRange16.0.0–16.0.1

OR

f5 big-ip_ltmRange15.1.0–15.1.2

OR

f5 big-ip_aamRange15.1.0–15.1.2

OR

f5 big-ip_advanced_wafRange15.1.0–15.1.2

OR

f5 big-ip_afmRange15.1.0–15.1.2

OR

f5 big-ip_analyticsRange15.1.0–15.1.2

OR

f5 big-ip_apmRange15.1.0–15.1.2

OR

f5 big-ip_asmRange15.1.0–15.1.2

OR

f5 big-ip_ddhdRange15.1.0–15.1.2

OR

f5 big-ip_dnsRange15.1.0–15.1.2

OR

f5 big-ip_fpsRange15.1.0–15.1.2

OR

f5 big-ip_gtmRange15.1.0–15.1.2

OR

f5 big-ip_link_controllerRange15.1.0–15.1.2

OR

f5 big-ip_pemRange15.1.0–15.1.2

OR

f5 big-ip_ssloRange15.1.0–15.1.2

OR

f5 big-ip_ltmRange14.1.0–14.1.3

OR

f5 big-ip_aamRange14.1.0–14.1.3

OR

f5 big-ip_advanced_wafRange14.1.0–14.1.3

OR

f5 big-ip_afmRange14.1.0–14.1.3

OR

f5 big-ip_analyticsRange14.1.0–14.1.3

OR

f5 big-ip_apmRange14.1.0–14.1.3

OR

f5 big-ip_asmRange14.1.0–14.1.3

OR

f5 big-ip_ddhdRange14.1.0–14.1.3

OR

f5 big-ip_dnsRange14.1.0–14.1.3

OR

f5 big-ip_fpsRange14.1.0–14.1.3

OR

f5 big-ip_gtmRange14.1.0–14.1.3

OR

f5 big-ip_link_controllerRange14.1.0–14.1.3

OR

f5 big-ip_pemRange14.1.0–14.1.3

OR

f5 big-ip_ssloRange14.1.0–14.1.3

OR

f5 big-iq_centralized_managementMatch8.0.0

OR

f5 f5osRange1.0.0–1.1.4

OR

f5 traffix_sdcMatch5.1.0

21 Feb 2023 18:53Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.13.7

CVSS 24.3

EPSS0.03851

SSVC

curl vulnerability ftp malicious server ip address port information disclosure f5 product