ID
VAR-202008-0979
CVE
CVE-2020-8232
TITLE
EdgeMax EdgeSwitch Information leakage vulnerability in firmware
Trust: 0.8
sources:
JVNDB: JVNDB-2020-009587
DESCRIPTION
An information disclosure vulnerability exists in EdgeMax EdgeSwitch firmware v1.9.0 that allowed read only users could obtain unauthorized information through SNMP community pages. EdgeMax EdgeSwitch There is an information leakage vulnerability in the firmware.Information may be obtained. Ubiquiti Networks EdgeMAX EdgeSwitch is a PoE+ Gigabit switch from Ubiquiti Networks
Trust: 2.16
sources:
NVD: CVE-2020-8232 //
JVNDB: JVNDB-2020-009587 //
CNVD: CNVD-2020-46805
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2020-46805
AFFECTED PRODUCTS
| vendor: | ui | model: | edgeswitch | scope: | lt | version: | 1.9.0 | Trust: 1.0 |
| vendor: | ubiquiti | model: | edgeswitch | scope: | - | version: | - | Trust: 0.8 |
| vendor: | ubiquiti | model: | networks ubiquiti networks edgemax edgeswitch | scope: | eq | version: | 1.9.0 | Trust: 0.6 |
sources:
CNVD: CNVD-2020-46805 //
JVNDB: JVNDB-2020-009587 //
NVD: CVE-2020-8232
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
CNVD: CNVD-2020-46805 //
JVNDB: JVNDB-2020-009587 //
CNNVD: CNNVD-202008-857 //
NVD: CVE-2020-8232
PROBLEMTYPE DATA
| problemtype: | CWE-200 | Trust: 1.8 |
sources:
JVNDB: JVNDB-2020-009587 //
NVD: CVE-2020-8232
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202008-857
TYPE
information disclosure
Trust: 0.6
sources:
CNNVD: CNNVD-202008-857
CONFIGURATIONS
sources:
JVNDB: JVNDB-2020-009587
PATCH
| title: | Security advisory bulletin 014 | url: | https://community.ui.com/releases/Security-advisory-bulletin-014-014/1c32c056-2c64-4e60-ac23-ce7d8f387821 | Trust: 0.8 |
| title: | EdgeMAX EdgeSwitch Firmware v1.9.1 | url: | https://community.ui.com/releases/EdgeMAX-EdgeSwitch-Firmware-v1-9-1-v1-9-1/8a87dfc5-70f5-4055-8d67-570db1f5695c | Trust: 0.8 |
| title: | EdgeMAX | url: | https://www.ui.com/download/edgemax/ | Trust: 0.8 |
| title: | Patch for EdgeSwitch firmware information disclosure vulnerability | url: | https://www.cnvd.org.cn/patchInfo/show/231064 | Trust: 0.6 |
| title: | Ubiquiti Network EdgeMax EdgeSwitch Repair measures for information disclosure vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=126544 | Trust: 0.6 |
sources:
CNVD: CNVD-2020-46805 //
JVNDB: JVNDB-2020-009587 //
CNNVD: CNNVD-202008-857
EXTERNAL IDS
| db: | NVD | id: | CVE-2020-8232 | Trust: 3.0 |
| db: | JVNDB | id: | JVNDB-2020-009587 | Trust: 0.8 |
| db: | CNVD | id: | CNVD-2020-46805 | Trust: 0.6 |
| db: | NSFOCUS | id: | 48739 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-202008-857 | Trust: 0.6 |
sources:
CNVD: CNVD-2020-46805 //
JVNDB: JVNDB-2020-009587 //
CNNVD: CNNVD-202008-857 //
NVD: CVE-2020-8232
REFERENCES
| url: | https://nvd.nist.gov/vuln/detail/cve-2020-8232 | Trust: 2.0 |
| url: | https://community.ui.com/releases/security-advisory-bulletin-014-014/1c32c056-2c64-4e60-ac23-ce7d8f387821 | Trust: 1.6 |
| url: | https://community.ui.com/releases/edgemax-edgeswitch-firmware-v1-9-1-v1-9-1/8a87dfc5-70f5-4055-8d67-570db1f5695c | Trust: 1.6 |
| url: | https://www.ui.com/download/edgemax | Trust: 1.6 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-8232 | Trust: 0.8 |
| url: | http://www.nsfocus.net/vulndb/48739 | Trust: 0.6 |
sources:
CNVD: CNVD-2020-46805 //
JVNDB: JVNDB-2020-009587 //
CNNVD: CNNVD-202008-857 //
NVD: CVE-2020-8232
SOURCES
| db: | CNVD | id: | CNVD-2020-46805 |
| db: | JVNDB | id: | JVNDB-2020-009587 |
| db: | CNNVD | id: | CNNVD-202008-857 |
| db: | NVD | id: | CVE-2020-8232 |
LAST UPDATE DATE
2024-11-23T23:07:53.754000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2020-46805 | date: | 2020-08-19T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-009587 | date: | 2020-11-19T05:37:46 |
| db: | CNNVD | id: | CNNVD-202008-857 | date: | 2020-09-14T00:00:00 |
| db: | NVD | id: | CVE-2020-8232 | date: | 2024-11-21T05:38:33.310 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2020-46805 | date: | 2020-08-19T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-009587 | date: | 2020-11-19T05:37:46 |
| db: | CNNVD | id: | CNNVD-202008-857 | date: | 2020-08-17T00:00:00 |
| db: | NVD | id: | CVE-2020-8232 | date: | 2020-08-17T16:15:13.780 |