Lucene search

CVE-2020-7069

🗓️ 02 Oct 2020 15:12:15Reported by [email protected]Type

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, AES-CCM mode in openssl_encrypt() function has IV vulnerability

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 92
Cvelist	CVE-2020-7069 Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV	2 Oct 202014:14	–	cvelist
Prion	Code injection	2 Oct 202015:15	–	prion
Veracode	Insecure Encryption	2 Oct 202006:07	–	veracode
Debian CVE	CVE-2020-7069	2 Oct 202015:15	–	debiancve
CVE	CVE-2020-7069	2 Oct 202015:15	–	cve
OSV	CVE-2020-7069	2 Oct 202015:15	–	osv
OSV	BIT-php-2020-7069	6 Mar 202411:06	–	osv
OSV	BIT-PHP-MIN-2020-7069	14 Jan 202519:23	–	osv
OSV	php5, php7.0, php7.2, php7.4 vulnerabilities	14 Oct 202017:42	–	osv
OSV	RHSA-2021:4213 Red Hat Security Advisory: php:7.4 security, bug fix, and enhancement update	13 Sep 202422:46	–	osv

Nvd

Node

php phpRange7.2.0–7.2.34

php phpRange7.3.0–7.3.23

php phpRange7.4.0–7.4.11

Node

fedoraproject fedoraMatch31

fedoraproject fedoraMatch32

fedoraproject fedoraMatch33

Node

debian debian_linuxMatch10.0

Node

opensuse leapMatch15.1

opensuse leapMatch15.2

Node

canonical ubuntu_linuxMatch12.04-

canonical ubuntu_linuxMatch14.04esm

canonical ubuntu_linuxMatch16.04lts

canonical ubuntu_linuxMatch18.04lts

canonical ubuntu_linuxMatch20.04lts

Node

netapp clustered_data_ontapMatch-

Node

oracle communications_diameter_signaling_routerRange8.0.0–8.5.0

Node

tenable tenable.scRange<5.19.0

Source	Link
oracle	www.oracle.com/security-alerts/cpuApr2021.html
tenable	www.tenable.com/security/tns-2021-14
lists	www.lists.opensuse.org/opensuse-security-announce/2020-10/msg00045.html
security	www.security.gentoo.org/glsa/202012-16
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EVDN7D3IB4EAI4D3ZOM2OJKQ5SD7K4E/
usn	www.usn.ubuntu.com/4583-1/
bugs	www.bugs.php.net/bug.php
debian	www.debian.org/security/2021/dsa-4856
oracle	www.oracle.com/security-alerts/cpuoct2021.html
security	www.security.netapp.com/advisory/ntap-20201016-0001/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Oct 2020 15:15Current

CVSS26.4

CVSS36.5

EPSS0.09212