CVE-2020-1763

{"id": "CVE-2020-1763", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2020-05-12T14:15:12.580", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813329", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1763", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/libreswan/libreswan/commit/471a3e41a449d7c753bc4edbba4239501bb62ba8", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://libreswan.org/security/CVE-2020-1763/CVE-2020-1763.txt", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://security.gentoo.org/glsa/202007-21", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04", "tags": ["Third Party Advisory", "US Government Resource"], "source": "secalert@redhat.com"}, {"url": "https://www.debian.org/security/2020/dsa-4684", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-125"}]}, {"type": "Secondary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-125"}]}], "descriptions": [{"lang": "en", "value": "An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash."}, {"lang": "es", "value": "Un fallo de lectura de b\u00fafer fuera de l\u00edmites fue detectado en el demonio pluto de libreswan versiones 3.27 hasta 3.31 donde, un atacante no autenticado podr\u00eda usar este fallo para bloquear a libreswan mediante el env\u00edo de paquetes IKEv1 Informational Exchange especialmente dise\u00f1ados. El demonio reaparece despu\u00e9s del bloqueo."}], "lastModified": "2023-11-07T03:19:34.507", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:libreswan:libreswan:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4D70ED5-291D-47AE-A6CB-0ED5AAB14329", "versionEndIncluding": "3.31", "versionStartIncluding": "3.27"}, {"criteria": "cpe:2.3:a:libreswan:libreswan:3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E018CD7-6E5B-421E-BF06-AEE4EE0CA4BD"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}