First published: Tue Dec 22 2020(Updated: )
An issue was discovered in Treck IPv6 before 6.0.1.68. Improper input validation in the IPv6 component when handling a packet sent by an unauthenticated remote attacker could result in an out-of-bounds read of up to three bytes via network access.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Treck IPv6 | <6.0.1.68 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2020-27336.
The severity of CVE-2020-27336 is medium, with a severity value of 5.3.
The affected software of CVE-2020-27336 is Treck IPv6 before version 6.0.1.68.
An unauthenticated remote attacker can exploit CVE-2020-27336 by sending a malicious packet to the IPv6 component, causing an out-of-bounds read.
Yes, you can find more information about CVE-2020-27336 at the following references: 1. [NetApp Security Advisory](https://security.netapp.com/advisory/ntap-20210201-0003/) 2. [Treck Vulnerability Response Information](https://treck.com/vulnerability-response-information/)