PT-2020-3581 · Net Snmp+2 · Net-Snmp+2

Tobias Neitzel

Published

2020-07-31

Updated

2025-12-03

CVE-2020-15861

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Net-SNMP versions prior to 5.7.3

Description The issue allows for Escalation of Privileges due to the following of UNIX symbolic links (symlinks). This can potentially enable a remote attacker to access confidential data, compromise its integrity, and cause a denial of service.

Recommendations For versions prior to 5.7.3, update to version 5.7.3 or later to resolve the issue. At the moment, there is no information about additional mitigation measures for this vulnerability.

Fix

Link Following

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-59

Related Identifiers

BDU:2020-03914

CVE-2020-15861

DLA-2313-1

DSA-4746-1

USN-4471-1

USN-4471-2

Affected Products

Linuxmint

Net-Snmp

Ubuntu

PT-2020-3581 · Net Snmp+2 · Net-Snmp+2

CVE-2020-15861

Weakness Enumeration

Related Identifiers

Affected Products

References · 30