CVE-2020-8169

curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s).
Configurations

Configuration 1 (hide)

cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:siemens:simatic_tim_1531_irc_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_tim_1531_irc:-:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*
cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*
cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*

History

27 Mar 2024, 16:04

Type Values Removed Values Added
First Time Splunk
Splunk universal Forwarder
CPE cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*
cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*

19 Apr 2022, 15:43

Type Values Removed Values Added
References (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf - (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf - Patch, Third Party Advisory
First Time Siemens sinec Infrastructure Network Services
CPE cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*

10 Mar 2022, 17:41

Type Values Removed Values Added
References
  • (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf -

08 Jun 2021, 20:00

Type Values Removed Values Added
References (DEBIAN) https://www.debian.org/security/2021/dsa-4881 - (DEBIAN) https://www.debian.org/security/2021/dsa-4881 - Third Party Advisory
References (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf - (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf - Third Party Advisory
CPE cpe:2.3:h:siemens:simatic_tim_1531_irc:-:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_tim_1531_irc_firmware:*:*:*:*:*:*:*:*

08 Jun 2021, 12:15

Type Values Removed Values Added
References
  • (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf -

01 Apr 2021, 00:15

Type Values Removed Values Added
References
  • (DEBIAN) https://www.debian.org/security/2021/dsa-4881 -

Information

Published : 2020-12-14 20:15

Updated : 2024-03-27 16:04


NVD link : CVE-2020-8169

Mitre link : CVE-2020-8169

CVE.ORG link : CVE-2020-8169


JSON object : View

Products Affected

debian

  • debian_linux

siemens

  • simatic_tim_1531_irc_firmware
  • simatic_tim_1531_irc
  • sinec_infrastructure_network_services

splunk

  • universal_forwarder

haxx

  • curl
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor