Vulnerability CVE-2020-13757

Vulnerability Name:

CVE-2020-13757 (CCN-182813)

Assigned:

2020-05-27

Published:

2020-05-27

Updated:

2023-03-01

Summary:

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:R)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

6.2 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
5.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:R)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

4.9 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2020-13757

Source: XF
Type: UNKNOWN
pythonrsa-cve202013757-dos(182813)

Source: CCN
Type: Python-RSA GIT Repository
python-rsa does not detect ciphertext modification (prepended "0" bytes) in PKCS1_v1_5 #146

Source: cve@mitre.org
Type: Issue Tracking, Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Exploit, Issue Tracking, Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Mailing List, Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Mailing List, Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Third Party Advisory
cve@mitre.org

Source: CCN
Type: IBM Security Bulletin 6323245 (ICP Discovery)
IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Python-RSA

Source: CCN
Type: IBM Security Bulletin 6614909 (Spectrum Discover)
IBM Spectrum Discover is vulnerable to multiple vulnerabilities

Vulnerable Configuration:

Configuration CCN 1:

cpe:/a:python-rsa_project:python-rsa:4.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7472	P	cryptctl-2.4-4.5.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7526	P	harfbuzz-devel-3.4.0-150400.3.6.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7783	P	python3-rsa-3.4.2-150000.3.7.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:725	P	Security update for gdk-pixbuf (Moderate)	2022-09-02
oval:org.opensuse.security:def:95294	P	Security update for u-boot (Important)	2022-08-03
oval:org.opensuse.security:def:3626	P	Security update for ldb, samba (Moderate)	2022-07-06
oval:org.opensuse.security:def:3442	P	axis-1.4-290.6.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3180	P	libgraphite2-3-1.3.1-10.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94554	P	fuse-2.9.7-3.3.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94810	P	python3-rsa-3.4.2-3.4.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:102007	P	Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP3) (Critical)	2022-02-16
oval:org.opensuse.security:def:99484	P	(Critical)	2022-02-11
oval:org.opensuse.security:def:6066	P	Security update for strongswan (Important)	2022-01-26
oval:org.opensuse.security:def:113298	P	python36-rsa-4.7.2-1.5 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:99683	P	(Important)	2021-10-12
oval:org.opensuse.security:def:106710	P	python36-rsa-4.7.2-1.5 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:99991	P	(Important)	2021-09-03
oval:org.opensuse.security:def:101267	P	go1.14-1.14.15-1.35.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:111591	P	Security update for python-rsa (Important)	2021-07-11
oval:org.opensuse.security:def:88154	P	Security update for python-rsa (Important)	2021-07-06
oval:org.opensuse.security:def:88468	P	Security update for python-rsa (Important)	2021-07-06
oval:org.opensuse.security:def:49296	P	Security update for python-rsa (Important)	2021-07-02
oval:org.opensuse.security:def:81089	P	Security update for python-rsa (Important)	2021-07-02
oval:org.opensuse.security:def:20825	P	Security update for python-rsa (Important)	2021-07-02
oval:org.opensuse.security:def:111449	P	Security update for python-rsa (Important)	2021-06-23
oval:org.opensuse.security:def:73653	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:95853	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:109232	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:92534	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:97082	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:68615	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:93412	P	(Important)	2021-06-17
oval:org.opensuse.security:def:9535	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:98898	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:5746	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:93238	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:91948	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:117448	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:67155	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:73837	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:92733	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:69675	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:93748	P	(Important)	2021-06-17
oval:org.opensuse.security:def:64531	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:102566	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:9734	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:99093	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:107933	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:92143	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:118317	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:68517	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:1471	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:75903	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:8787	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:92932	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:69874	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:94174	P	(Important)	2021-06-17
oval:org.opensuse.security:def:64715	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:100299	P	(Important)	2021-06-17
oval:org.opensuse.security:def:10285	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:99285	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:7428	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:108673	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:92335	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:68561	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:76223	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:8982	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:93085	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:70425	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:66835	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:101456	P	Security update for python-rsa (Important)	2021-06-17

BACK