CVE-2022-46397
First published: Tue Mar 28 2023(Updated: )
FP.io VPP (Vector Packet Processor) 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 19.08, and 19.04 Generates a Predictable IV with CBC Mode.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Lfprojects Vector Packet Processor | =19.04 | |
| Lfprojects Vector Packet Processor | =19.08 | |
| Lfprojects Vector Packet Processor | =20.01 | |
| Lfprojects Vector Packet Processor | =20.05 | |
| Lfprojects Vector Packet Processor | =20.09 | |
| Lfprojects Vector Packet Processor | =21.01 | |
| Lfprojects Vector Packet Processor | =21.06 | |
| Lfprojects Vector Packet Processor | =21.10 | |
| Lfprojects Vector Packet Processor | =22.02 | |
| Lfprojects Vector Packet Processor | =22.06 | |
| Lfprojects Vector Packet Processor | =22.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-46397?
CVE-2022-46397 is a vulnerability in FP.io VPP (Vector Packet Processor) versions 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 19.08, and 19.04 that generates a predictable IV with CBC mode.
What is the severity of CVE-2022-46397?
CVE-2022-46397 has a severity level of high with a CVSS score of 7.5.
Which versions of FP.io VPP are affected by CVE-2022-46397?
FP.io VPP versions 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 19.08, and 19.04 are affected by CVE-2022-46397.
How can I fix CVE-2022-46397?
To fix CVE-2022-46397, it is recommended to upgrade to a version of FP.io VPP that includes the patch for the vulnerability.
Where can I find more information about CVE-2022-46397?
You can find more information about CVE-2022-46397 at the following references: [Reference 1](https://lists.fd.io/g/security-announce/message/2), [Reference 2](https://s3-docs.fd.io/vpp/23.02/)
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/tags
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/lfprojects
- canonical/lfprojects vector packet processor
- version/lfprojects vector packet processor/19.04
- version/lfprojects vector packet processor/19.08
- version/lfprojects vector packet processor/20.01
- version/lfprojects vector packet processor/20.05
- version/lfprojects vector packet processor/20.09
- version/lfprojects vector packet processor/21.01
- version/lfprojects vector packet processor/21.06
- version/lfprojects vector packet processor/21.10
- version/lfprojects vector packet processor/22.02
- version/lfprojects vector packet processor/22.06
- version/lfprojects vector packet processor/22.10