This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
Detail | |||
---|---|---|---|
Vendor | Hp | First view | 2020-06-08 |
Product | Envy 6020 5Se17A | Last view | 2020-06-08 |
Version | Type | Hardware | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:h:hp:envy_6020_5se17a:-:*:*:*:*:*:*:* | 1 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.5 | 2020-06-08 | CVE-2020-12695 | The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (1) | CWE-276 | Incorrect Default Permissions |
Snort® IPS/IDS
Date | Description |
---|---|
2020-07-14 | CallStranger UPnP discovery attempt RuleID : 54281 - Type : INDICATOR-SCAN - Revision : 2 |
2020-07-14 | UPnP SUBSCRIBE Callback denial-of-service attempt RuleID : 54280 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2020-07-14 | UPnP SUBSCRIBE Callback denial-of-service attempt RuleID : 54279 - Type : INDICATOR-COMPROMISE - Revision : 2 |