Launchpad CVE tracker

CVE 2020-15862

Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.

Related bugs and status

CVE-2020-15862 (Candidate) is related to these bugs:

Bug #1875926: snmpd upgrade (Bionic->Focal) changes Debian-snmp UID/GID

Summary				In	Importance	Status
	1875926	snmpd upgrade (Bionic->Focal) changes Debian-snmp UID/GID		net-snmp (Ubuntu)	Undecided	Fix Released
	1875926	snmpd upgrade (Bionic->Focal) changes Debian-snmp UID/GID		net-snmp (Ubuntu Bionic)	Undecided	Fix Released

Bug #1892980: NET-SNMP-EXTEND-MIB::nsExtendCacheTime cannot be set anymore

Summary				In	Importance	Status
	1892980	NET-SNMP-EXTEND-MIB::nsExtendCacheTime cannot be set anymore		net-snmp (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2020-15862

References