Treck TCP-IP Stack prior 6.0.1.66 IPv4 Tunneling input validation

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as critical, has been found in Treck TCP-IP Stack. Affected by this issue is an unknown functionality of the component IPv4 Tunneling. Upgrading to version 6.0.1.66 eliminates this vulnerability.

Field06/18/2020 07:02 AM06/18/2020 08:16 AM10/24/2020 08:51 PM
vendorTreckTreckTreck
nameTCP-IP StackTCP-IP StackTCP-IP Stack
componentIPv4 TunnelingIPv4 TunnelingIPv4 Tunneling
risk222
cvss2_vuldb_basescore6.86.86.8
cvss2_vuldb_tempscore5.95.95.9
cvss2_vuldb_avNNN
cvss2_vuldb_acMMM
cvss2_vuldb_auNNN
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiPPP
cvss3_meta_basescore8.68.68.6
cvss3_meta_tempscore8.28.28.2
cvss3_vuldb_basescore7.37.37.3
cvss3_vuldb_tempscore7.07.07.0
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prNNN
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aLLL
date1592352000 (06/17/2020)1592352000 (06/17/2020)1592352000 (06/17/2020)
locationWebsiteWebsiteWebsite
typeAdvisoryAdvisoryAdvisory
urlhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyChttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyChttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC
identifiercisco-sa-treck-ip-stack-JyBQ5Gcisco-sa-treck-ip-stack-JyBQ5Gcisco-sa-treck-ip-stack-JyBQ5G
price_0day$0-$5k$0-$5k$0-$5k
nameUpgradeUpgradeUpgrade
upgrade_version6.0.1.666.0.1.666.0.1.66
cveCVE-2020-11896CVE-2020-11896CVE-2020-11896
seealso156837 156838 156839 156840 156841 156842 156843 156844 156845 156846 156847 156848 156849 156850 156851 156852 156853 156854156837 156838 156839 156840 156841 156842 156843 156844 156845 156846 156847 156848 156849 156850 156851 156852 156853 156854156837 156838 156839 156840 156841 156842 156843 156844 156845 156846 156847 156848 156849 156850 156851 156852 156853 156854
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_rcCCC
cvss3_vuldb_eXXX
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
cvss3_nvd_basescore10.010.010.0
cwe020 (privilege escalation)20 (privilege escalation)
cvss2_nvd_avNN
cvss2_nvd_acMM
cvss2_nvd_auNN
cvss2_nvd_ciCC
cvss2_nvd_iiCC
cvss2_nvd_aiCC
cvss3_nvd_avNN
cvss3_nvd_acLL
cvss3_nvd_prNN
cvss3_nvd_uiNN
cvss3_nvd_sCC
cvss3_nvd_cHH
cvss3_nvd_iHH
cvss3_nvd_aHH
cve_assigned15872544001587254400
cve_nvd_summaryThe Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling.The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling.
confirm_urlhttp://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt

Do you need the next level of professionalism?

Upgrade your account now!