CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-13777

GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.8%

CVSS Severity

CVSS v3 Score 7.4

CVSS v2 Score 5.8

References

Products affected by CVE-2020-13777

Gnu » Gnutls » Version: 3.6.0

cpe:2.3:a:gnu:gnutls:3.6.0
Gnu » Gnutls » Version: 3.6.1

cpe:2.3:a:gnu:gnutls:3.6.1
Gnu » Gnutls » Version: 3.6.10

cpe:2.3:a:gnu:gnutls:3.6.10
Gnu » Gnutls » Version: 3.6.11

cpe:2.3:a:gnu:gnutls:3.6.11
Gnu » Gnutls » Version: 3.6.12

cpe:2.3:a:gnu:gnutls:3.6.12
Gnu » Gnutls » Version: 3.6.13

cpe:2.3:a:gnu:gnutls:3.6.13
Gnu » Gnutls » Version: 3.6.2

cpe:2.3:a:gnu:gnutls:3.6.2
Gnu » Gnutls » Version: 3.6.3

cpe:2.3:a:gnu:gnutls:3.6.3
Gnu » Gnutls » Version: 3.6.4

cpe:2.3:a:gnu:gnutls:3.6.4
Gnu » Gnutls » Version: 3.6.5

cpe:2.3:a:gnu:gnutls:3.6.5
Gnu » Gnutls » Version: 3.6.6

cpe:2.3:a:gnu:gnutls:3.6.6
Gnu » Gnutls » Version: 3.6.7

cpe:2.3:a:gnu:gnutls:3.6.7
Gnu » Gnutls » Version: 3.6.8

cpe:2.3:a:gnu:gnutls:3.6.8
Gnu » Gnutls » Version: 3.6.8-11.el8_2

cpe:2.3:a:gnu:gnutls:3.6.8-11.el8_2
Gnu » Gnutls » Version: 3.6.9

cpe:2.3:a:gnu:gnutls:3.6.9
Canonical » Ubuntu Linux » Version: 19.10

cpe:2.3:o:canonical:ubuntu_linux:19.10
Canonical » Ubuntu Linux » Version: 20.04

cpe:2.3:o:canonical:ubuntu_linux:20.04
Debian » Debian Linux » Version: 10.0

cpe:2.3:o:debian:debian_linux:10.0
Fedoraproject » Fedora » Version: 31

cpe:2.3:o:fedoraproject:fedora:31
Fedoraproject » Fedora » Version: 32

cpe:2.3:o:fedoraproject:fedora:32

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-13777

Products

Pricing

Contact Us