Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMD860B85F49895E0D8CF0AC6A066F6902558B044E03F0320678E24399C41C6135
HistoryOct 30, 2020 - 4:18 p.m.

Security Bulletin: IBM QRadar Network Packet Capture is vulnerable to Using Components with Known Vulnerabilities

2020-10-3016:18:45
www.ibm.com
21

0.059 Low

EPSS

Percentile

93.5%

JSON

Summary

The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools.

Vulnerability Details

CVEID:CVE-2020-11868
**DESCRIPTION:**NTP is vulnerable to a denial of service, caused by a flaw in ntpd. By sending a server mode packet with a spoofed source IP address, a remote attacker could exploit this vulnerability to block unauthenticated synchronization resulting in a denial of service condition.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/180011 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2020-13817
**DESCRIPTION:**NTP is vulnerable to a denial of service, caused by an issue when relying on unauthenticated IPv4 time sources in ntpd. By predicting transmit timestamps for use in spoofed packets, a remote attacker could exploit this vulnerability to cause the daemon to crash or system time change.
CVSS Base score: 7.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/183494 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H)

CVEID:CVE-2020-12049
**DESCRIPTION:**D-Bus is vulnerable to a denial of service, caused by an error in _dbus_read_socket_with_unix_fds. By sending specially crafted messages, a local attacker could exploit this vulnerability to cause the system dbus-daemon (dbus-daemon --system) to leak file descriptors.
CVSS Base score: 4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/182955 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:CVE-2020-8177
**DESCRIPTION:**cURL could allow a remote attacker to overwrite arbitrary files on the system, caused by the improper handling of certain parameters when using -J (–remote-header-name) and -I (–include) in the same command line. An attacker could exploit this vulnerability to overwrite a local file.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/183931 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:CVE-2019-19527
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a use-after-free condition in drivers/hid/usbhid/hiddev.c. By connecting a specially-crafted USB device, an attacker could exploit this vulnerability to cause a kernel panic.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172524 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2020-10757
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a flaw when mremap a mmaped DAX nvdimm to a mmaped anonymous memory region. By executing a specially-crafted program, a local attacker could exploit this vulnerability to cause corrupted page table resulting in a denial of service condition.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/182919 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2020-12653
**DESCRIPTION:**Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by an incorrect memcpy and buffer overflow in the mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges or cause a denial of service condition.
CVSS Base score: 8.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/181449 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2020-12654
**DESCRIPTION:**Linux Kernel is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c. By sending a specially-crafted request, a local attacker could overflow a buffer and execute arbitrary code on the system.
CVSS Base score: 8.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/181450 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2020-10713
**DESCRIPTION:**GNU GRUB2 could allow a local authenticated attacker to execute arbitrary code on the system. By injecting a malicious payload, an attacker could exploit this vulnerability to bypass Secure Boot protections and execute arbitrary code within GRUB. Note: This vulnerability is also known as BootHole.
CVSS Base score: 8.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/186056 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)

CVEID:CVE-2020-14308
**DESCRIPTION:**GNU GRUB2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the grub_malloc function. By sending a specially-crafted request, a local authenticated attacker could overflow a buffer and execute arbitrary code on the system.
CVSS Base score: 6.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/186057 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2020-14309
**DESCRIPTION:**GNU GRUB2 is vulnerable to a heap-based buffer overflow, caused by an integer overflow in grub_squash_read_symlink. By sending a specially-crafted request, a local authenticated attacker could overflow a buffer and execute arbitrary code or cause a denial of service condition.
CVSS Base score: 5.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/186058 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H)

CVEID:CVE-2020-14310
**DESCRIPTION:**GNU GRUB2 is vulnerable to a heap-based buffer overflow, caused by an integer overflow in read_section_from_string. By sending a specially-crafted request, a local authenticated attacker could overflow a buffer and execute arbitrary code or cause a denial of service condition.
CVSS Base score: 5.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/186059 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H)

CVEID:CVE-2020-14311
**DESCRIPTION:**GNU GRUB2 is vulnerable to a heap-based buffer overflow, caused by an integer overflow in grub_ext2_read_link. By sending a specially-crafted request, a local authenticated attacker could overflow a buffer and execute arbitrary code or cause a denial of service condition.
CVSS Base score: 5.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/186060 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H)

CVEID:CVE-2020-15705
**DESCRIPTION:**GNU GRUB2 could allow a local authenticated attacker to bypass security restrictions, caused by improper validation of kernel signature when booted directly without shim. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass secure boot to perform arbitrary actions.
CVSS Base score: 6.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/186061 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2020-15706
**DESCRIPTION:**GNU GRUB2 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a use-after-free in the grub_script_function_create function when redefining a function during execution. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 6.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/186062 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2020-15707
**DESCRIPTION:**GNU GRUB2 is vulnerable to a heap-based buffer overflow, caused by an integer overflow in grub_cmd_initrd and grub_initrd_init. By sending a specially-crafted request, a local authenticated attacker could overflow a buffer and execute arbitrary code or cause a denial of service condition.
CVSS Base score: 5.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/186063 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H)

Affected Products and Versions

IBM QRadar Network Packet Capture 7.3.0 - 7.3.3 Patch 3

IBM QRadar Network Packet Capture 7.4.0 - 7.4.1 GA

Remediation/Fixes

IBM QRadar Network Packet Capture 7.3.3 Patch 4

IBM QRadar Network Packet Capture 7.4.1 Patch 1

Workarounds and Mitigations

None

Related

nessus 74
photon 5
fedora 3
redhat 21
openvas 43
ubuntu 3
oraclelinux 5
suse 4
osv 2
centos 3
qualysblog 1
f5 1
debian 1
mageia 1
gentoo 2
redos 1
hp 1
amazon 1
ibm 8
mscve 1
aix 1
ics 1
redhatcve 3
cve 1
debiancve 2
cbl_mariner 2
cvelist 2
prion 3
nvd 2
freebsd 1
nessus
nessus
Photon OS 2.0: Grub2 PHSA-2020-2.0-0267
2020-08-01 00:00:00
NewStart CGSL CORE 5.04 / MAIN 5.04 : grub2 Multiple Vulnerabilities (NS-SA-2021-0008)
2021-03-10 00:00:00
Oracle Linux 7 : grub2 (ELSA-2020-5782)
2020-07-30 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0267
2020-07-30 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0311
2020-07-30 00:00:00
Important Photon OS Security Update - PHSA-2020-0120
2020-07-23 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: grub2-2.02-110.fc31
2020-09-27 01:05:37
[SECURITY] Fedora 32 Update: grub2-2.04-22.fc32
2020-09-14 13:26:52
[SECURITY] Fedora 32 Update: ntp-4.2.8p15-1.fc32
2020-07-02 01:13:48
redhat
redhat
(RHSA-2020:3275) Moderate: grub2 security and bug fix update
2020-08-03 10:37:39
(RHSA-2020:3273) Moderate: grub2 security and bug fix update
2020-08-03 10:36:49
(RHSA-2020:3227) Moderate: grub2 security update
2020-07-29 19:56:15
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:2079-1)
2021-04-19 00:00:00
SUSE Linux Enterprise Server: Security Advisory (SUSE-SU-2020:2076-1)
2021-04-19 00:00:00
openSUSE: Security Advisory for grub2 (openSUSE-SU-2020:1169-1)
2020-08-09 00:00:00
ubuntu
ubuntu
GRUB 2 vulnerabilities
2020-07-29 00:00:00
GRUB2 regression
2020-08-04 00:00:00
DBus vulnerability
2020-06-16 00:00:00
oraclelinux
oraclelinux
grub2 security update
2020-07-29 00:00:00
grub2 security update
2020-07-29 00:00:00
grub2 security update
2020-07-29 00:00:00
suse
suse
Security update for grub2 (important)
2020-08-08 00:00:00
Security update for grub2 (important)
2020-08-08 00:00:00
Security update for ntp (moderate)
2020-07-19 00:00:00
osv
osv
grub2 - security update
2020-07-29 00:00:00
CVE-2020-14311
2020-07-31 22:15:11
centos
centos
grub2, mokutil, shim security update
2020-07-30 00:08:50
bpftool, kernel, perf, python security update
2020-07-30 00:08:16
ntp, ntpdate, sntp security update
2020-06-23 19:52:57
qualysblog
qualysblog
GRUB2 Boothole Buffer Overflow Vulnerability (CVE-2020-10713) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR®
2020-08-03 21:35:38
f5
f5
K48187630 : Multiple grub2 vulnerabilities
2021-03-18 00:00:00
debian
debian
[SECURITY] [DSA 4735-1] grub2 security update
2020-07-29 16:59:52
mageia
mageia
Updated grub2 packages fix security vulnerabilities
2021-07-09 01:43:19
gentoo
gentoo
GRUB: Multiple vulnerabilities
2021-04-30 00:00:00
NTP: Multiple vulnerabilities
2020-07-26 00:00:00
redos
redos
ROS-20220920-01
2022-09-20 00:00:00
hp
hp
HPSBHF03678 rev. 2 - GRUB2 Bootloader Arbitrary Code Execution
2020-07-25 00:00:00
amazon
amazon
Medium: ntp
2020-07-14 02:38:00
ibm
ibm
Security Bulletin: IBM QRadar Network Security is affected by Network Time Protocol (NTP) vulnerabilities (CVE-2020-11868, CVE-2020-13817)
2020-11-27 02:34:47
Security Bulletin: IBM Security Privileged Identity Manager is affected by security vulnerabilities
2021-01-12 10:48:57
Security Bulletin: Vulnerability in ntp (CVE-2020-11868 and CVE-2020-13817).
2021-09-22 23:38:15
mscve
mscve
Microsoft Guidance for Addressing Security Feature Bypass in GRUB
2020-07-29 07:00:00
aix
aix
There are vulnerabilities in NTPv4 that affect AIX.
2020-10-26 15:14:11
ics
ics
Hitachi Energy APM Edge (Update A)
2022-10-18 12:00:00
redhatcve
redhatcve
CVE-2020-14309
2020-07-29 17:06:12
CVE-2020-11868
2020-04-17 07:33:45
CVE-2020-12049
2020-06-19 15:56:02
cve
cve
CVE-2020-13817
2020-06-04 13:15:11
debiancve
debiancve
CVE-2020-13817
2020-06-04 13:15:11
CVE-2019-19527
2019-12-03 16:15:12
cbl_mariner
cbl_mariner
CVE-2020-14308 affecting package grub2 2.06~rc1-10
2021-05-06 23:56:52
CVE-2020-14310 affecting package grub2 for versions less than 2.06~rc1-7
2022-04-26 20:17:11
cvelist
cvelist
CVE-2019-19527
2019-12-03 15:41:27
CVE-2020-13817
2020-06-04 12:31:55
prion
prion
Design/Logic Flaw
2020-06-04 13:15:00
Heap overflow
2020-07-31 22:15:00
Design/Logic Flaw
2020-04-17 04:15:00
nvd
nvd
CVE-2020-13817
2020-06-04 13:15:11
CVE-2020-11868
2020-04-17 04:15:10
freebsd
freebsd
dbus file descriptor leak
2020-04-09 00:00:00

0.059 Low

EPSS

Percentile

93.5%

JSON
Related for D860B85F49895E0D8CF0AC6A066F6902558B044E03F0320678E24399C41C6135
nessus74photon5fedora3redhat21openvas43ubuntu3oraclelinux5suse4osv2centos3qualysblog1f51debian1mageia1gentoo2redos1hp1amazon1ibm8mscve1aix1ics1redhatcve3cve1debiancve2cbl_mariner2cvelist2prion3nvd2freebsd1