Detections
Analytics
Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-24587)
low Tenable OT Security Plugin ID 502132
Synopsis
The remote OT asset is affected by a vulnerability.Description
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Refer to the vendor advisory.See Also
https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md
https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html
https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html
http://www.openwall.com/lists/oss-security/2021/05/11/12
https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html
http://www.nessus.org/u?be0512b5
Plugin Details
Severity: Low
ID: 502132
Version: 1.1
Type: remote
Family: Tenable.ot
Published: 3/18/2024
Updated: 3/18/2024
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Low
Score: 2.9
CVSS v2
Risk Factor: Low
Base Score: 1.8
Temporal Score: 1.4
Vector: CVSS2#AV:A/AC:H/Au:N/C:P/I:N/A:N
CVSS Score Source: CVE-2020-24587
CVSS v3
Risk Factor: Low
Base Score: 2.6
Temporal Score: 2.4
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:cisco:ip_phone_8861_firmware, cpe:/o:cisco:ip_phone_8865_firmware, cpe:/o:cisco:ip_phone_8832_firmware, cpe:/o:cisco:ip_phone_6861_firmware, cpe:/o:cisco:ip_phone_8821_firmware
Required KB Items: Tenable.ot/Cisco
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 5/11/2021
Vulnerability Publication Date: 5/11/2021
Reference Information
CVE: CVE-2020-24587
CWE: 327