CVE-2020-26142

{"id": "CVE-2020-26142", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.6, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.6}]}, "published": "2021-05-11T20:15:08.760", "references": [{"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.fragattacks.com", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.fragattacks.com", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-74"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration."}, {"lang": "es", "value": "Se detect\u00f3 un problema en el kernel en OpenBSD versi\u00f3n 6.6. Las implementaciones WEP, WPA, WPA2 y WPA3 tratan las tramas fragmentadas como tramas completas. Un adversario puede abusar de esto para inyectar paquetes de red arbitrarios, independientemente de la configuraci\u00f3n de la red"}], "lastModified": "2024-11-21T05:19:21.237", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:openbsd:openbsd:6.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E0CC007-1428-4683-A196-3544F1C9CC92"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}