http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt

https://cert-portal.siemens.com/productcert/pdf/ssa-631949.pdf

https://jsof-tech.com/vulnerability-disclosure-policy/

https://security.netapp.com/advisory/ntap-20200625-0006/

https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04012en_us

20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020

https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities

https://www.jsof-tech.com/ripple20/

VU#257161

https://www.kb.cert.org/vuls/id/257161/

https://www.treck.com

Multiple security vulnerabilities have been identified in Integrated Lights-Out firmware generation 3 (iLO 3) prior to version 1.93, generation 4 (iLO 4) prior to version 2.75, and generation 5 (iLO 5) prior to version 2.18. The vulnerabilities could be remotely exploited to execute code, cause denial of service, and expose sensitive information.

Note: These vulnerabilities are collectively named Ripple20. iLO 3, iLO4, and iLO 5 are only exposed to a portion of the Ripple20 vulnerabilities.

According to its self-reported version, Cisco ASR and Virtual Packet Core StarOS software is affected by multiple vulnerabilities in the Treck IP stack implementation. The vulnerabilities are collectively known as Ripple20, and can result in remote code execution, denial of service (DoS), and information disclosure by remote, unauthenticated attackers.

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

This plugin detects the usage of the Treck TCP/IP stack by the host thereby indicating that it could be potentially vulnerable to the Ripple20 vulnerabilities. Patches are being slowly rolled out by vendors and we will release plugins for patches as they are released by the vendors. In the interim, if you have applied the patches from the vendor for the Ripple20 vulnerabilities on this host, please recast the severity of this plugin.

Note: This plugin requires ICMP traffic to be unblocked between the scanner and the host

ID	Name	Product	Family	Severity
140770	HP iLO 3 < 1.93 / HP iLO 4 < 2.75 / HP iLO 5 < 2.18 Ripple20 Multiple vulnerabilities	Nessus	CGI abuses	high
139545	Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020 (cisco-sa-treck-ip-stack-JyBQ5GyC)	Nessus	CISCO	critical
137702	Treck TCP/IP stack multiple vulnerabilities. (Ripple20)	Nessus	Misc.	critical

CVE-2020-11896

HIGH

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Tenable Plugins

high

critical

critical