ID |
CVE-2020-9429
|
Summary |
In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 5.0 (as of 27-07-2020 - 02:15) |
Impact: | 2.9 |
Exploitability: | 10.0 |
|
CWE |
CWE-476 |
CAPEC |
Click the CAPEC title to display a description
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
PARTIAL |
|
CVSS v3.1 |
Base: | 7.5 (as of 27-07-2020 - 02:15) |
Impact: | 3.6 |
Exploitability: | 3.9 |
|
Exploitability v3.1 |
Attack Complexity | Attack vector | Privileges Required | Scope | User Interaction |
LOW |
NETWORK |
NONE |
UNCHANGED |
NONE |
|
Impact v3.1 |
Confidentiality | Integrity | Availability |
NONE |
NONE |
HIGH |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
cvss3-vector
via4
|
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
refmap
via4
|
gentoo | GLSA-202007-13 | misc | | suse | openSUSE-SU-2020:0362 |
|
Last major update |
27-07-2020 - 02:15 |
Published |
27-02-2020 - 23:15 |
Last modified |
27-07-2020 - 02:15 |