Lucene search
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.EULEROS_SA-2021-1529.NASLHistoryMar 04, 2021 - 12:00 a.m.
EulerOS Virtualization for ARM 64 3.0.6.0 : NetworkManager (EulerOS-SA-2021-1529)
2021-03-0400:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
5.2 Medium
AI Score
Confidence
High
According to the version of the NetworkManager packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability :
- It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a new profile. When a user connects to a network using this profile, the authentication does not happen and the connection is made insecurely.(CVE-2020-10754)
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(147103);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/16");
script_cve_id("CVE-2020-10754");
script_name(english:"EulerOS Virtualization for ARM 64 3.0.6.0 : NetworkManager (EulerOS-SA-2021-1529)");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS Virtualization for ARM 64 host is missing a security update.");
script_set_attribute(attribute:"description", value:
"According to the version of the NetworkManager packages installed,
the EulerOS Virtualization for ARM 64 installation on the remote host
is affected by the following vulnerability :
- It was found that nmcli, a command line interface to
NetworkManager did not honour 802-1x.ca-path and
802-1x.phase2-ca-path settings, when creating a new
profile. When a user connects to a network using this
profile, the authentication does not happen and the
connection is made insecurely.(CVE-2020-10754)
Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1529
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d41b4020");
script_set_attribute(attribute:"solution", value:
"Update the affected NetworkManager package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-10754");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"patch_publication_date", value:"2021/03/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/03/04");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:NetworkManager");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:NetworkManager-config-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:NetworkManager-libnm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:NetworkManager-team");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:NetworkManager-tui");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:3.0.6.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (uvp != "3.0.6.0") audit(AUDIT_OS_NOT, "EulerOS Virtualization 3.0.6.0");
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);
flag = 0;
pkgs = ["NetworkManager-1.12.4-1.h10.eulerosv2r8",
"NetworkManager-config-server-1.12.4-1.h10.eulerosv2r8",
"NetworkManager-libnm-1.12.4-1.h10.eulerosv2r8",
"NetworkManager-team-1.12.4-1.h10.eulerosv2r8",
"NetworkManager-tui-1.12.4-1.h10.eulerosv2r8"];
foreach (pkg in pkgs)
if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "NetworkManager");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| huawei | euleros | networkmanager | p-cpe:/a:huawei:euleros:networkmanager |
| huawei | euleros | networkmanager-config-server | p-cpe:/a:huawei:euleros:networkmanager-config-server |
| huawei | euleros | networkmanager-libnm | p-cpe:/a:huawei:euleros:networkmanager-libnm |
| huawei | euleros | networkmanager-team | p-cpe:/a:huawei:euleros:networkmanager-team |
| huawei | euleros | networkmanager-tui | p-cpe:/a:huawei:euleros:networkmanager-tui |
| huawei | euleros | uvp | cpe:/o:huawei:euleros:uvp:3.0.6.0 |
Related
nessus
nessus
NewStart CGSL CORE 5.04 / MAIN 5.04 : NetworkManager Vulnerability (NS-SA-2021-0048)
2021-03-10 00:00:00
Oracle Linux 7 : NetworkManager (ELSA-2020-4003)
2020-10-07 00:00:00
EulerOS 2.0 SP9 : NetworkManager (EulerOS-SA-2020-2486)
2020-12-01 00:00:00
prion
prion
Design/Logic Flaw
2020-06-08 18:15:00
redhat
redhat
openvas
openvas
Fedora: Security Advisory for NetworkManager (FEDORA-2020-ace543feff)
2020-06-23 00:00:00
Huawei EulerOS: Security Advisory for NetworkManager (EulerOS-SA-2021-1529)
2021-03-05 00:00:00
Fedora: Security Advisory for NetworkManager (FEDORA-2020-3857463d30)
2020-06-07 00:00:00
oraclelinux
oraclelinux
NetworkManager security and bug fix update
2020-10-06 00:00:00
NetworkManager security and bug fix update
2020-07-24 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: NetworkManager-1.20.12-1.fc31
2020-06-14 17:11:36
[SECURITY] Fedora 32 Update: NetworkManager-1.22.14-1.fc32
2020-06-01 01:26:38
cve
cve
CVE-2020-10754
2020-06-08 18:15:00
redhatcve
redhatcve
CVE-2020-10754
2020-05-29 04:55:34
amazon
amazon
Medium: NetworkManager
2020-10-22 17:09:00
centos
centos
NetworkManager security update
2020-10-20 18:34:41
osv
osv
CVE-2020-10754
2020-06-08 18:15:10
veracode
veracode
Insecure Authentication Controls
2020-07-22 03:39:34
f5
f5
K000132761 : CVE-2020-10754 NetworkManager
2023-02-25 00:00:00
ubuntucve
ubuntucve
CVE-2020-10754
2020-06-08 00:00:00
mageia
mageia
Updated networkmanager packages fix security vulnerability
2020-06-15 10:54:40
debiancve
debiancve
CVE-2020-10754
2020-06-08 18:15:00
