This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Hp | First view | 2020-06-08 |
| Product | Envy 6020 5Se17A | Last view | 2020-06-08 |
| Version | Type | Hardware | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:h:hp:envy_6020_5se17a:-:*:*:*:*:*:*:* | 1 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.5 | 2020-06-08 | CVE-2020-12695 | The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 100% (1) | CWE-276 | Incorrect Default Permissions |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-07-14 | CallStranger UPnP discovery attempt RuleID : 54281 - Type : INDICATOR-SCAN - Revision : 2 |
| 2020-07-14 | UPnP SUBSCRIBE Callback denial-of-service attempt RuleID : 54280 - Type : INDICATOR-COMPROMISE - Revision : 2 |
| 2020-07-14 | UPnP SUBSCRIBE Callback denial-of-service attempt RuleID : 54279 - Type : INDICATOR-COMPROMISE - Revision : 2 |
