First published: Fri Jul 31 2020(Updated: )
Last updated 24 July 2024
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
debian/net-snmp | <=5.8+dfsg-4<=5.7.3+dfsg-5 | 5.8+dfsg-5 5.7.3+dfsg-5+deb10u1 |
Net-snmp Net-snmp | <=5.7.3 | |
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =18.04 | |
Canonical Ubuntu Linux | =20.04 | |
Netapp Cloud Backup | ||
Netapp Smi-s Provider | ||
Netapp Solidfire \& Hci Management Node | ||
debian/net-snmp | 5.9+dfsg-4+deb11u1 5.9.3+dfsg-2 5.9.4+dfsg-1.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-15861 is a vulnerability in Net-SNMP through 5.7.3 that allows Escalation of Privileges due to UNIX symbolic link (symlink) following.
CVE-2020-15861 has a severity rating of 7.8 (high).
The following software versions are affected: 5.7.3+dfsg-1.8ubuntu3.5, 5.8+dfsg-2ubuntu2.3, 5.7.2~dfsg-8.1ubuntu3.3+, 5.8+dfsg-5, 5.7.3+dfsg-1ubuntu4.5, 5.7.3+dfsg-5+deb10u2, 5.7.3+dfsg-5+deb10u4, 5.9+dfsg-4+deb11u1, 5.9.3+dfsg-2, 5.9.4+dfsg-1.
To fix CVE-2020-15861, update Net-SNMP to a version that includes the patch or vulnerability fix: 5.7.3+dfsg-1.8ubuntu3.5, 5.8+dfsg-2ubuntu2.3, 5.7.2~dfsg-8.1ubuntu3.3+, 5.8+dfsg-5, 5.7.3+dfsg-1ubuntu4.5, 5.7.3+dfsg-5+deb10u2, 5.7.3+dfsg-5+deb10u4, 5.9+dfsg-4+deb11u1, 5.9.3+dfsg-2, or 5.9.4+dfsg-1.
You can find more information about CVE-2020-15861 at the following references: [link1], [link2], [link3].