Detections
Analytics
Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26139)
medium Tenable OT Security Plugin ID 502098
Synopsis
The remote OT asset is affected by a vulnerability.Description
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Refer to the vendor advisory.See Also
https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md
https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html
https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html
http://www.openwall.com/lists/oss-security/2021/05/11/12
https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html
http://www.nessus.org/u?be0512b5
Plugin Details
Severity: Medium
ID: 502098
Version: 1.1
Type: remote
Family: Tenable.ot
Published: 3/18/2024
Updated: 3/18/2024
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Low
Base Score: 2.9
Temporal Score: 2.1
Vector: CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P
CVSS Score Source: CVE-2020-26139
CVSS v3
Risk Factor: Medium
Base Score: 5.3
Temporal Score: 4.6
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:cisco:ip_phone_8821_firmware, cpe:/o:cisco:ip_phone_6861_firmware, cpe:/o:cisco:ip_phone_8832_firmware, cpe:/o:cisco:ip_phone_8861_firmware, cpe:/o:cisco:ip_phone_8865_firmware
Required KB Items: Tenable.ot/Cisco
Exploit Ease: No known exploits are available
Patch Publication Date: 5/11/2021
Vulnerability Publication Date: 5/11/2021
Reference Information
CVE: CVE-2020-26139
CWE: 327