CVE-2020-8832

The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.

CVSS v3 5.5 MEDIUM
CVSS v2.0 2.1 LOW

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

2.1^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1862840	Issue Tracking Third Party Advisory
https://security.netapp.com/advisory/ntap-20200430-0004/	Third Party Advisory
https://usn.ubuntu.com/usn/usn-4302-1	Third Party Advisory
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1862840	Issue Tracking Third Party Advisory
https://security.netapp.com/advisory/ntap-20200430-0004/	Third Party Advisory
https://usn.ubuntu.com/usn/usn-4302-1	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:a:netapp:cloud_backup:-:::::::*
	cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:::::::*
	cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*

Configuration 3 (hide)

AND

cpe:2.3:o:netapp:aff_8300_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_8300:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:netapp:aff_8700_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_8700:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:netapp:aff_a220_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_a220:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:netapp:aff_a320_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_a320:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:netapp:aff_a400_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_a400:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:netapp:aff_a700s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_a700s:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:netapp:aff_c190_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_c190:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:netapp:fas2720_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas2720:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:netapp:fas2750_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas2750:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:netapp:fas8300_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas8300:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:netapp:fas8700_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas8700:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:netapp:fas_baseboard_management_controller_a220_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas_baseboard_management_controller_a220:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:netapp:fas_baseboard_management_controller_a320_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas_baseboard_management_controller_a320:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:netapp:fas_baseboard_management_controller_a400_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas_baseboard_management_controller_a400:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:netapp:fas_baseboard_management_controller_a800_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas_baseboard_management_controller_a800:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND

cpe:2.3:o:netapp:fas_baseboard_management_controller_c190_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas_baseboard_management_controller_c190:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND

cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*

Configuration 31 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

History

21 Nov 2024, 05:39

Type	Values Removed	Values Added
References	~~() https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1862840 - Issue Tracking, Third Party Advisory~~	() https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1862840 - Issue Tracking, Third Party Advisory
References	~~() https://security.netapp.com/advisory/ntap-20200430-0004/ - Third Party Advisory~~	() https://security.netapp.com/advisory/ntap-20200430-0004/ - Third Party Advisory
References	~~() https://usn.ubuntu.com/usn/usn-4302-1 - Third Party Advisory~~	() https://usn.ubuntu.com/usn/usn-4302-1 - Third Party Advisory

11 Oct 2022, 19:29

Type	Values Removed	Values Added
CPE		cpe:2.3:h:netapp:fas2720:-:::::::* cpe:2.3:o:netapp:fas_baseboard_management_controller_c190_firmware:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h300s_firmware:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h410c:-:::::::* cpe:2.3:h:netapp:aff_8300:-:::::::* cpe:2.3:o:netapp:fas2720_firmware:-:::::::* cpe:2.3:o:netapp:aff_8700_firmware:-:::::::* cpe:2.3:o:netapp:fas_baseboard_management_controller_a320_firmware:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h700e:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h700e_firmware:-:::::::* cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:::::::* cpe:2.3:o:netapp:fas_baseboard_management_controller_a220_firmware:-:::::::* cpe:2.3:h:netapp:aff_a700s:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h610s_firmware:-:::::::* cpe:2.3:h:netapp:fas_baseboard_management_controller_a400:-:::::::* cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm::: cpe:2.3:o:netapp:aff_a700s_firmware:-:::::::* cpe:2.3:a:netapp:cloud_backup:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h410c_firmware:-:::::::* cpe:2.3:h:netapp:fas_baseboard_management_controller_a320:-:::::::* cpe:2.3:o:netapp:aff_a220_firmware:-:::::::* cpe:2.3:o:netapp:aff_c190_firmware:-:::::::* cpe:2.3:o:netapp:aff_a400_firmware:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h500e:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h410s_firmware:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h615c:-:::::::* cpe:2.3:h:netapp:aff_a220:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h610c_firmware:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h300e:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h500e_firmware:-:::::::* cpe:2.3:h:netapp:fas8700:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h610c:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h615c_firmware:-:::::::* cpe:2.3:o:netapp:fas8300_firmware:-:::::::* cpe:2.3:h:netapp:aff_a400:-:::::::* cpe:2.3:h:netapp:fas_baseboard_management_controller_a220:-:::::::* cpe:2.3:h:netapp:fas8300:-:::::::* cpe:2.3:h:netapp:fas_baseboard_management_controller_a800:-:::::::* cpe:2.3:o:netapp:aff_a320_firmware:-:::::::* cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::* cpe:2.3:o:netapp:fas2750_firmware:-:::::::* cpe:2.3:h:netapp:fas_baseboard_management_controller_c190:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h500s_firmware:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h610s:-:::::::* cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:::::::* cpe:2.3:h:netapp:aff_a320:-:::::::* cpe:2.3:o:netapp:fas8700_firmware:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h300e_firmware:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h700s_firmware:-:::::::* cpe:2.3:o:netapp:fas_baseboard_management_controller_a800_firmware:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:::::::* cpe:2.3:o:netapp:aff_8300_firmware:-:::::::* cpe:2.3:h:netapp:aff_c190:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h410s:-:::::::* cpe:2.3:h:netapp:fas2750:-:::::::* cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm::: cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:::::::* cpe:2.3:h:netapp:aff_8700:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:::::::* cpe:2.3:o:netapp:fas_baseboard_management_controller_a400_firmware:-:::::::*
References	~~(UBUNTU) https://usn.ubuntu.com/usn/usn-4302-1 - Vendor Advisory~~	(UBUNTU) https://usn.ubuntu.com/usn/usn-4302-1 - Third Party Advisory
References	~~(MISC) https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1862840 - Issue Tracking, Vendor Advisory~~	(MISC) https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1862840 - Issue Tracking, Third Party Advisory
References	~~(CONFIRM) https://security.netapp.com/advisory/ntap-20200430-0004/ -~~	(CONFIRM) https://security.netapp.com/advisory/ntap-20200430-0004/ - Third Party Advisory

Information

Published : 2020-04-10 00:15

Updated : 2024-11-21 05:39

NVD link : CVE-2020-8832

Mitre link : CVE-2020-8832

CVE.ORG link : CVE-2020-8832

JSON object : View

Products Affected

netapp

aff_c190
steelstore_cloud_integrated_storage
aff_8700
fas2750_firmware
solidfire_\&_hci_management_node
aff_a400
h300s
aff_8700_firmware
aff_a220
fas_baseboard_management_controller_a220_firmware
h300e_firmware
fas8700
fas_baseboard_management_controller_c190
fas_baseboard_management_controller_a400
cloud_backup
solidfire_baseboard_management_controller
fas_baseboard_management_controller_a220
h700e_firmware
aff_8300_firmware
h500e_firmware
h700s
fas8300_firmware
h300e
h500e
aff_a320
h700s_firmware
h500s_firmware
fas_baseboard_management_controller_a400_firmware
fas_baseboard_management_controller_a320
h500s
aff_a400_firmware
aff_a700s
aff_a320_firmware
solidfire_baseboard_management_controller_firmware
aff_a220_firmware
h410s_firmware
h615c
aff_8300
fas2750
fas_baseboard_management_controller_a800_firmware
h700e
fas_baseboard_management_controller_a320_firmware
fas_baseboard_management_controller_a800
aff_c190_firmware
h610s_firmware
fas2720_firmware
aff_a700s_firmware
h615c_firmware
h410c
h410s
fas2720
h410c_firmware
fas8700_firmware
fas_baseboard_management_controller_c190_firmware
h610c_firmware
fas8300
h300s_firmware
h610s
h610c

canonical

ubuntu_linux

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2020-8832", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "security@ubuntu.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2020-04-10T00:15:11.990", "references": [{"url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1862840", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://security.netapp.com/advisory/ntap-20200430-0004/", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://usn.ubuntu.com/usn/usn-4302-1", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1862840", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.netapp.com/advisory/ntap-20200430-0004/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://usn.ubuntu.com/usn/usn-4302-1", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security@ubuntu.com", "description": [{"lang": "en", "value": "CWE-200"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 (\"The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.\") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information."}, {"lang": "es", "value": "Se detect\u00f3 que la soluci\u00f3n para el kernel de Linux en Ubuntu versi\u00f3n 18.04 LTS para CVE-2019-14615 (\"El kernel de Linux no borr\u00f3 apropiadamente las estructuras de datos en los conmutadores de contexto para determinados procesadores gr\u00e1ficos de Intel\") estaba incompleta, lo que significa que en las versiones de kernel anteriores a 4.15.0-91.92, un atacante podr\u00eda usar esta vulnerabilidad para exponer informaci\u00f3n confidencial."}], "lastModified": "2024-11-21T05:39:31.790", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4"}, {"criteria": "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6D700C5-F67F-4FFB-BE69-D524592A3D2E"}, {"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:aff_8300_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA79D39A-A5F2-4C44-A805-5113065F8C25"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:aff_8300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4CA55FBD-6EBA-49C8-92BA-2B1BCCB18A3A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:aff_8700_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "70ECC434-DF20-49A6-B4CF-D5CCA480E57D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:aff_8700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "232DC609-8023-41F9-8CE3-1B31CE2F2D93"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:aff_a220_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6B6BF1B-4586-402C-9719-00951F471729"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:aff_a220:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "11048EAF-AD8A-412A-9A28-0D6473F1C8E1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:aff_a320_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E964EA3-7EC3-43EB-AFC5-FABF0CF9E431"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:aff_a320:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "935CD814-5583-4A4D-BFB6-061778AE410A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:aff_a400_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56FD9B9A-BBE5-4CA5-B9F9-B16E1FE738C8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:aff_a400:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F3E70A56-DBA8-45C7-8C49-1A036501156F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:aff_a700s_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "952F55C9-7E7C-4539-9D08-E736B3488569"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:aff_a700s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9FED1B0D-F901-413A-85D9-05D4C427570D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:aff_c190_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B1BF6FA-1714-4324-B50C-9620B124277D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:aff_c190:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D3036472-8681-4C69-8635-0117CD52EA57"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "108A2215-50FB-4074-94CF-C130FA14566D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32F0B6C0-F930-480D-962B-3F4EFDCC13C7"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "803BC414-B250-4E3A-A478-A3881340D6B8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89612649-BACF-4FAC-9BA4-324724FD93A6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F3D9B255-C1AF-42D1-BF9B-13642FBDC080"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD7CFE0E-9D1E-4495-B302-89C3096FC0DF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F63A3FA7-AAED-4A9D-9FDE-6195302DA0F6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5921A877-18BF-43FE-915C-D226E140ACFC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7296A1F2-D315-4FD5-8A73-65C480C855BE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FEB3337-BFDE-462A-908B-176F92053CEC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "736AEAE9-782B-4F71-9893-DED53367E102"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:fas2720_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7FD1DA9-7980-4643-B378-7095892DA176"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:fas2720:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "347E9E3E-941C-4109-B59F-B9BB05486B34"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:fas2750_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD661062-0D5B-4671-9D92-FEF8D7395C1E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:fas2750:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8155BF5F-DD1B-4AB4-81F8-9BCE6A8821AE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:fas8300_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89706810-031B-49F0-B353-FD27FD7B2776"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:fas8300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "03BCC59D-C782-4149-B6DC-5DDAFAB48F2D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:fas8700_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDD1E822-1EA6-4E62-A58B-2378149D20DC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:fas8700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E07EAE5F-B1B5-4FDA-9B50-8CB1D2AFC5A0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:fas_baseboard_management_controller_a220_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66D1D168-9350-4300-B083-7D38B4B99CF2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:fas_baseboard_management_controller_a220:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "49D2C8CB-0929-4E5E-AD54-0248B29754D7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:fas_baseboard_management_controller_a320_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8EDBFAE-45E1-43B5-B06B-C7004BBAC647"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:fas_baseboard_management_controller_a320:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F7F428DC-28B9-463A-9479-D04FD265A300"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:fas_baseboard_management_controller_a400_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8A8F194-9505-4E06-8BC5-F8D29E401D12"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:fas_baseboard_management_controller_a400:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C91D8734-0812-4053-80E3-035E21F6E0C0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:fas_baseboard_management_controller_a800_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89F3FF69-F575-4F6F-A568-A2C21367D417"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:fas_baseboard_management_controller_a800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EE354DF1-66D5-47C8-9D53-BB65995E3505"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:fas_baseboard_management_controller_c190_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D691577-989C-4C07-A7B7-71F1AE2AFEC0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:fas_baseboard_management_controller_c190:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8A4E1ADC-AE6E-433F-89BE-A65978109C8B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "090AA6F4-4404-4E26-82AB-C3A22636F276"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "vulnerable": true, "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "vulnerable": true, "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"}], "operator": "OR"}]}], "sourceIdentifier": "security@ubuntu.com"}

5.5 /10

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

2.1 /10

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2020-8832

5.5^/10

2.1^/10

Attach tags to `CVE-2020-8832`