Skip to main content

Netbsd CVE-2020-26139

MEDIUM
Improper Authentication (CWE-287)
2021-05-11 cve@mitre.org
Authentication Bypass Netbsd Debian Linux C 100 Firmware C 110 Firmware C 120 Firmware C 130 Firmware C 200 Firmware C 230 Firmware C 235 Firmware C 250 Firmware C 260 Firmware C 65 Firmware C 75 Firmware O 105 Firmware O 90 Firmware W 118 Firmware W 68 Firmware 1100 Firmware 1100 4P Firmware 1100 8P Firmware 1101 4P Firmware 1109 2P Firmware 1109 4P Firmware Aironet 1532 Firmware Aironet 1542D Firmware Aironet 1542I Firmware Aironet 1552 Firmware Aironet 1552H Firmware Aironet 1572 Firmware Aironet 1702 Firmware Aironet 1800 Firmware Aironet 1800I Firmware Aironet 1810 Firmware Aironet 1810W Firmware Aironet 1815 Firmware Aironet 1815I Firmware Aironet 1832 Firmware Aironet 1842 Firmware Aironet 1852 Firmware Aironet 2702 Firmware Aironet 2800 Firmware Aironet 2800E Firmware Aironet 2800I Firmware Aironet 3702 Firmware Aironet 3800 Firmware Aironet 3800E Firmware Aironet 3800I Firmware Aironet 3800P Firmware Aironet 4800 Firmware Aironet Ap803 Firmware Aironet Iw3702 Firmware Catalyst 9105 Firmware Catalyst 9105Axi Firmware Catalyst 9105Axw Firmware Catalyst 9115 Firmware Catalyst 9115 Ap Firmware Catalyst 9115Axe Firmware Catalyst 9115Axi Firmware Catalyst 9117 Firmware Catalyst 9117 Ap Firmware Catalyst 9117Axi Firmware Catalyst 9120 Firmware Catalyst 9120 Ap Firmware Catalyst 9120Axe Firmware Catalyst 9120Axi Firmware Catalyst 9120Axp Firmware Catalyst 9124 Firmware Catalyst 9124Axd Firmware Catalyst 9124Axi Firmware Catalyst 9130 Firmware Catalyst 9130 Ap Firmware Catalyst 9130Axe Firmware Catalyst 9130Axi Firmware Catalyst Iw6300 Firmware Catalyst Iw6300 Ac Firmware Catalyst Iw6300 Dc Firmware Catalyst Iw6300 Dcw Firmware Esw6300 Firmware Ip Phone 6861 Firmware Ip Phone 8821 Firmware Ip Phone 8832 Firmware Ip Phone 8861 Firmware Ip Phone 8865 Firmware Ir829 2Lte Ea Ak9 Firmware Ir829 2Lte Ea Bk9 Firmware Ir829 2Lte Ea Ek9 Firmware Ir829Gw Lte Ga Ck9 Firmware Ir829Gw Lte Ga Ek9 Firmware Ir829Gw Lte Ga Sk9 Firmware Ir829Gw Lte Ga Zk9 Firmware Ir829Gw Lte Na Ak9 Firmware Ir829Gw Lte Vz Ak9 Firmware Meraki Gr10 Firmware Meraki Gr60 Firmware Meraki Mr12 Firmware Meraki Mr20 Firmware Meraki Mr26 Firmware Meraki Mr30H Firmware Meraki Mr32 Firmware Meraki Mr33 Firmware Meraki Mr34 Firmware Meraki Mr36 Firmware Meraki Mr42 Firmware Meraki Mr42E Firmware Meraki Mr44 Firmware Meraki Mr45 Firmware Meraki Mr46 Firmware Meraki Mr46E Firmware Meraki Mr52 Firmware Meraki Mr53 Firmware Meraki Mr53E Firmware Meraki Mr55 Firmware Meraki Mr56 Firmware Meraki Mr62 Firmware Meraki Mr66 Firmware Meraki Mr70 Firmware Meraki Mr72 Firmware Meraki Mr74 Firmware Meraki Mr76 Firmware Meraki Mr84 Firmware Meraki Mr86 Firmware Meraki Mx64W Firmware Meraki Mx65W Firmware Meraki Mx67Cw Firmware Meraki Mx67W Firmware Meraki Mx68Cw Firmware Meraki Mx68W Firmware Meraki Z3 Firmware Meraki Z3C Firmware Webex Board 55 Firmware Webex Board 55S Firmware Webex Board 70 Firmware Webex Board 70S Firmware Webex Board 85S Firmware Webex Dx70 Firmware Webex Dx80 Firmware Webex Room 55 Firmware Webex Room 55 Dual Firmware Webex Room 70 Firmware Webex Room 70 Dual Firmware Webex Room 70 Dual G2 Firmware Webex Room 70 Single Firmware Webex Room 70 Single G2 Firmware Webex Room Kit Firmware Webex Room Kit Mini Firmware Ac 8260 Firmware Ac 8265 Firmware Ac 9260 Firmware Ac 9560 Firmware Killer Ac 1550 Firmware Killer Wi Fi 6 Ax1650 Firmware Killer Wi Fi 6E Ax1675 Firmware Proset Ac 3165 Firmware Proset Ac 3168 Firmware Proset Ac 8260 Firmware Proset Ac 8265 Firmware Proset Ac 9260 Firmware Proset Ac 9461 Firmware Proset Ac 9462 Firmware Proset Ac 9560 Firmware Proset Wi Fi 6 Ax200 Firmware Proset Wi Fi 6 Ax201 Firmware Proset Wi Fi 6E Ax210 Firmware Proset Wireless 7265 Rev D Firmware Wi Fi 6 Ax200 Firmware Wi Fi 6 Ax201 Firmware
5.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.3 MEDIUM
AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Adjacent
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
May 11, 2021 - 20:15 cve.org
MEDIUM 5.3

DescriptionCVE.org

An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.

AnalysisAI

An issue was discovered in the kernel in NetBSD 7.1. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Technical ContextAI

This vulnerability is classified as Improper Authentication (CWE-287), which allows attackers to bypass authentication mechanisms to gain unauthorized access. An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients. Affected products include: Netbsd, Debian Debian Linux, Arista C-100 Firmware, Arista C-110 Firmware, Arista C-120 Firmware.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Implement multi-factor authentication, enforce strong password policies, use proven authentication frameworks.

More in Netbsd

View all
CVE-2012-0217 HIGH POC
7.2 Jun 12

The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and

CVE-2014-8517 HIGH POC
7.5 Nov 17

The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 thro

CVE-2024-6387 HIGH POC
8.1 Jul 01

Remote code execution in OpenSSH's sshd server (regression of CVE-2006-5051) allows unauthenticated remote attackers to

CVE-2017-1000375 CRITICAL POC
9.8 Jun 19

NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows attacke

CVE-2016-6253 HIGH POC
7.8 Jan 20

mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or

CVE-2017-1000378 CRITICAL
9.8 Jun 19

The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N

CVE-2017-1000374 CRITICAL
9.8 Jun 19

A flaw exists in NetBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitra

CVE-2015-8212 CRITICAL
9.8 Jan 19

CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execut

CVE-2021-45489 HIGH
7.5 Dec 25

In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG. Rated high severity (

CVE-2021-45488 HIGH
7.5 Dec 25

In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm. Rated high severity (CVSS

CVE-2021-45487 HIGH
7.5 Dec 25

In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures. Rated high seve

CVE-2021-45484 HIGH
7.5 Dec 25

In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG. Rated high severity

Share

CVE-2020-26139 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy