Vulnerability Name:

CVE-2020-4067 (CCN-184339)

Assigned:2019-12-30
Published:2020-06-28
Updated:2023-02-27
Summary:
CVSS v3 Severity:7.0 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L)
6.1 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): Low
Availibility (A): Low
5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
5.2 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.4 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): None
Availibility (A): None
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2020-4067

Source: security-advisories@github.com
Type: Mailing List, Third Party Advisory
security-advisories@github.com

Source: XF
Type: UNKNOWN
coturn-cve20204067-info-disc(184339)

Source: CCN
Type: CoTURN GIT Repository
CoTURN

Source: security-advisories@github.com
Type: Release Notes
security-advisories@github.com

Source: security-advisories@github.com
Type: Issue Tracking, Third Party Advisory
security-advisories@github.com

Source: CCN
Type: coturn GIT Repository
STUN response buffer not initialized properly

Source: security-advisories@github.com
Type: Third Party Advisory
security-advisories@github.com

Source: security-advisories@github.com
Type: Mailing List, Third Party Advisory
security-advisories@github.com

Source: security-advisories@github.com
Type: Mailing List, Third Party Advisory
security-advisories@github.com

Source: security-advisories@github.com
Type: Mailing List, Third Party Advisory
security-advisories@github.com

Source: security-advisories@github.com
Type: Third Party Advisory
security-advisories@github.com

Source: security-advisories@github.com
Type: Third Party Advisory
security-advisories@github.com

Oval Definitions
Definition IDClassTitleLast Modified
oval:org.opensuse.security:def:20204067
V
CVE-2020-4067
2022-06-30
oval:org.opensuse.security:def:64841
P
Security update for apache2 (Important)
2022-01-17
oval:org.opensuse.security:def:112104
P
coturn-4.5.2-2.2 on GA media (Moderate)
2022-01-17
oval:org.opensuse.security:def:64592
P
Security update for krb5 (Moderate)
2021-10-18
oval:org.opensuse.security:def:105641
P
coturn-4.5.2-2.2 on GA media (Moderate)
2021-10-01
oval:org.opensuse.security:def:63364
P
python3-Twisted-19.10.0-3.2.6 on GA media (Moderate)
2021-08-10
oval:org.opensuse.security:def:64734
P
Security update for curl (Moderate)
2021-07-21
oval:org.opensuse.security:def:64733
P
Security update for the Linux Kernel (Important)
2021-07-20
oval:org.opensuse.security:def:64728
P
Security update for bluez (Moderate)
2021-07-12
oval:org.opensuse.security:def:63186
P
stunnel-5.44-1.29 on GA media (Moderate)
2020-12-03
oval:org.opensuse.security:def:63145
P
cyrus-sasl-sqlauxprop-2.1.26-3.41 on GA media (Moderate)
2020-12-03
oval:org.opensuse.security:def:63150
P
freeradius-server-3.0.16-1.41 on GA media (Moderate)
2020-12-03
oval:org.opensuse.security:def:63158
P
libecpg6-10.3-2.8 on GA media (Moderate)
2020-12-03
oval:org.opensuse.security:def:63873
P
Security update for webkit2gtk3 (Important)
2020-12-01
oval:org.opensuse.security:def:75076
P
Security update for curl (Moderate)
2020-12-01
oval:org.opensuse.security:def:64943
P
Security update for tigervnc (Important)
2020-12-01
oval:org.opensuse.security:def:64028
P
Security update for mozilla-nspr, mozilla-nss (Moderate)
2020-12-01
oval:org.opensuse.security:def:75213
P
Security update for coturn (Moderate)
2020-12-01
oval:org.opensuse.security:def:65009
P
Security update for samba (Moderate)
2020-12-01
oval:org.opensuse.security:def:64259
P
ghostscript on GA media (Moderate)
2020-12-01
oval:org.opensuse.security:def:63667
P
Security update for glibc (Moderate)
2020-12-01
oval:org.opensuse.security:def:65131
P
Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork (Important)
2020-12-01
oval:org.opensuse.security:def:110950
P
Security update for coturn (Moderate)
2020-07-07
BACK