VDB
CVE-2020-7211
CVE-2020-7211
PUBLISHED
Es existiert eine Schwachstelle in QEMU, die in Verbindung mit der Implementierung eines tftp-Servers besteht. Die Schwachstelle ist nur auf Windows-Geräten vorhanden, da dort "/" als auch "\" als Separatoren für einen Dateipfad zulässig sind. Ein entfernter, anonymer Angreifer kann, wenn er Zugriff auf den tftp-Server besitzt, die Schwachstelle ausnutzen, um Informationen offenzulegen.
EPSS 0.30% · 54.1th percentile
Risk Scores
EPSS Score
0.30%
54.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Oracle Linux | |
| Open Source | Open Source QEMU 4.2.0 | |
| Debian | Debian Linux | |
| Open Source | Open Source Arch Linux | |
| Red Hat | Red Hat Enterprise Linux | |
| Open Source | Open Source CentOS | |
| SUSE | SUSE Linux | |
| Ubuntu | Ubuntu Linux | |
| Gentoo | Gentoo Linux |
Timeline
- Jan 16, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2024-3379.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3379 advisory
- https://www.debian.org/security/2020/dsa-4616 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-7039 advisory
- https://access.redhat.com/errata/RHSA-2020:0348 advisory
- https://www.suse.com/support/update/announcement/2020/suse-su-20200388-1.html advisory
- https://usn.ubuntu.com/4283-1/ advisory
- https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202001/msg00022.html advisory
- https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202001/msg00036.html advisory
- https://access.redhat.com/errata/RHSA-2020:0775 advisory
- http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2020-0775-Important-CentOS-6-qemu-kvm-Security-Update-tp4645859.html advisory
- https://oss.oracle.com/pipermail/oraclevm-errata/2020-March/000973.html advisory
- https://access.redhat.com/errata/RHSA-2020:0889 advisory
- https://access.redhat.com/errata/RHSA-2020:1116 advisory
- https://access.redhat.com/errata/RHSA-2020:1150 advisory
- https://access.redhat.com/errata/RHSA-2020:1261 advisory
- https://www.suse.com/support/update/announcement/2020/suse-su-20200844-1.html advisory
- https://www.suse.com/support/update/announcement/2020/suse-su-20200845-1.html advisory
- https://access.redhat.com/errata/RHSA-2020:1296 advisory
- https://access.redhat.com/errata/RHSA-2020:1300 advisory
…and 26 more