5.9
CVE-2020-36516
- EPSS 0.04%
- Veröffentlicht 26.02.2022 04:15:06
- Zuletzt bearbeitet 21.11.2024 05:29:43
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version <= 5.6.11
Netapp ≫ Cloud Volumes Ontap Mediator Version-
Netapp ≫ E-series Santricity Os Controller Version >= 11.0
Netapp ≫ Solidfire & Hci Management Node Version-
Netapp ≫ H300s Firmware Version-
Netapp ≫ H500s Firmware Version-
Netapp ≫ H700s Firmware Version-
Netapp ≫ H300e Firmware Version-
Netapp ≫ H500e Firmware Version-
Netapp ≫ H700e Firmware Version-
Netapp ≫ H410s Firmware Version-
Netapp ≫ H410c Firmware Version-
Netapp ≫ H610c Firmware Version-
Netapp ≫ H615c Firmware Version-
Netapp ≫ H610s Firmware Version-
Netapp ≫ Bootstrap Os Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.114 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.9 | 1.6 | 4.2 |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
|
| nvd@nist.gov | 4.9 | 6.8 | 4.9 |
AV:N/AC:M/Au:S/C:N/I:P/A:P
|
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
The product uses a broken or risky cryptographic algorithm or protocol.