CVE-2020-15862

Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.
Configurations

Configuration 1 (hide)

cpe:2.3:a:net-snmp:net-snmp:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*

History

22 Nov 2023, 16:15

Type Values Removed Values Added
Summary Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root. Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.

31 Oct 2023, 19:30

Type Values Removed Values Added
CPE cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*
cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
First Time Netapp smi-s Provider
Netapp cloud Backup
Netapp
Netapp hci Management Node
Netapp solidfire

Information

Published : 2020-08-20 01:17

Updated : 2023-12-10 13:27


NVD link : CVE-2020-15862

Mitre link : CVE-2020-15862

CVE.ORG link : CVE-2020-15862


JSON object : View

Products Affected

netapp

  • smi-s_provider
  • hci_management_node
  • cloud_backup
  • solidfire

net-snmp

  • net-snmp

canonical

  • ubuntu_linux
CWE
CWE-269

Improper Privilege Management