CVE-2020-3702

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150

References

https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin

https://www.arista.com/en/support/advisories-notices/security-advisories/11998-security-advisory-58

https://www.debian.org/security/2021/dsa-4978

https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html

https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html

Details

Source: MITRE

Published: 2020-09-08

Updated: 2022-01-06

Type: CWE-319

Risk Information

CVSS v2

Base Score: 3.3

Vector: AV:A/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 6.5

Severity: LOW

CVSS v3

Base Score: 6.5

Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 2.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

AND

OR

cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*

Configuration 2

AND

OR

cpe:2.3:o:qualcomm:ipq4019_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:qualcomm:ipq4019:-:*:*:*:*:*:*:*

Configuration 3

AND

OR

cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:*

Configuration 4

AND

OR

cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*

Configuration 5

AND

OR

cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*

Configuration 6

AND

OR

cpe:2.3:o:qualcomm:qca9531_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:qualcomm:qca9531:-:*:*:*:*:*:*:*

Configuration 7

AND

OR

cpe:2.3:o:qualcomm:qcn5502_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:qualcomm:qcn5502:-:*:*:*:*:*:*:*

Configuration 8

AND

OR

cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:qualcomm:qcs405:-:*:*:*:*:*:*:*

Configuration 9

AND

OR

cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:*

Configuration 10

AND

OR

cpe:2.3:o:qualcomm:sm6150_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:qualcomm:sm6150:-:*:*:*:*:*:*:*

Configuration 11

AND

OR

cpe:2.3:o:qualcomm:sm7150_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:qualcomm:sm7150:-:*:*:*:*:*:*:*

Configuration 12

OR

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 13

AND

OR

cpe:2.3:a:arista:access_point:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:arista:av2:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:c-75:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:c75-e:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:o-90:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:o90e:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:w-68:-:*:*:*:*:*:*:*

Configuration 14

OR

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Tenable Plugins

View all (29 total)

IDNameProductFamilySeverity
156163Debian DLA-2843-1 : linux - LTS security updateNessusDebian Local Security Checks
high
155959SUSE SLES12 Security Update : kernel (SUSE-SU-2021:3972-1)NessusSuSE Local Security Checks
high
155930SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3969-1)NessusSuSE Local Security Checks
high
155910SUSE SLES12 Security Update : kernel (SUSE-SU-2021:3929-1)NessusSuSE Local Security Checks
high
155902SUSE SLES12 Security Update : kernel (SUSE-SU-2021:3935-1)NessusSuSE Local Security Checks
high
155840SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3876-1)NessusSuSE Local Security Checks
high
155824openSUSE 15 Security Update : kernel (openSUSE-SU-2021:3876-1)NessusSuSE Local Security Checks
high
154352Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5116-2)NessusUbuntu Local Security Checks
high
154279Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5115-1)NessusUbuntu Local Security Checks
high
154278Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5116-1)NessusUbuntu Local Security Checks
high
154273Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-5114-1)NessusUbuntu Local Security Checks
high
154241Ubuntu 20.04 LTS / 21.04 : Linux kernel vulnerabilities (USN-5113-1)NessusUbuntu Local Security Checks
high
154206openSUSE 15 Security Update : kernel (openSUSE-SU-2021:1365-1)NessusSuSE Local Security Checks
high
154192openSUSE 15 Security Update : kernel (openSUSE-SU-2021:1357-1)NessusSuSE Local Security Checks
high
154190SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:3447-1)NessusSuSE Local Security Checks
high
154187openSUSE 15 Security Update : kernel (openSUSE-SU-2021:3447-1)NessusSuSE Local Security Checks
high
154133SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3415-1)NessusSuSE Local Security Checks
high
154104openSUSE 15 Security Update : kernel (openSUSE-SU-2021:3387-1)NessusSuSE Local Security Checks
high
154099SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3337-1)NessusSuSE Local Security Checks
high
154098SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3339-1)NessusSuSE Local Security Checks
high
154094SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:3387-1)NessusSuSE Local Security Checks
high
154091openSUSE 15 Security Update : kernel (openSUSE-SU-2021:3338-1)NessusSuSE Local Security Checks
high
154088SUSE SLES12 Security Update : kernel (SUSE-SU-2021:3388-1)NessusSuSE Local Security Checks
high
154087SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3338-1)NessusSuSE Local Security Checks
high
154063SUSE SLES12 Security Update : kernel (SUSE-SU-2021:3389-1)NessusSuSE Local Security Checks
high
154054SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2021:3386-1)NessusSuSE Local Security Checks
high
153963Photon OS 2.0: Linux PHSA-2021-2.0-0399NessusPhotonOS Local Security Checks
high
153668Debian DSA-4978-1 : linux - security updateNessusDebian Local Security Checks
high
153499Photon OS 3.0: Linux PHSA-2021-3.0-0302NessusPhotonOS Local Security Checks
medium