CVE-2020-11447 - OpenCVE

An issue was discovered on Bell HomeHub 3000 SG48222070 devices. Remote authenticated users can retrieve the serial number via cgi/json-req - this is an information leak because the serial number is intended to prove an actor's physical access to the device.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Bell	Home Hub 3000 Home Hub 3000 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:bell:home_hub_3000_firmware:sg48222070:*:*:*:*:*:*:*

cpe:2.3:h:bell:home_hub_3000:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://0xem.ma/posts/HH3K-CVE/
https://support.bell.ca/Internet/Connection-help/Access_control_in_the_Home_Hub_modems

History

Wed, 04 Sep 2024 22:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-200

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-11-17T00:00:00

Updated: 2024-09-04T20:15:00.565Z

Reserved: 2020-04-01T00:00:00

Link: CVE-2020-11447

Vulnrichment

Updated: 2024-08-04T11:28:13.883Z

NVD

Status : Modified

Published: 2023-11-17T12:15:06.967

Modified: 2024-09-04T21:35:01.560

Link: CVE-2020-11447

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2020-11447", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-09-04T20:15:00.565Z", "dateReserved": "2020-04-01T00:00:00", "datePublished": "2023-11-17T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-11-17T11:57:13.355698"}, "descriptions": [{"lang": "en", "value": "An issue was discovered on Bell HomeHub 3000 SG48222070 devices. Remote authenticated users can retrieve the serial number via cgi/json-req - this is an information leak because the serial number is intended to prove an actor's physical access to the device."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://support.bell.ca/Internet/Connection-help/Access_control_in_the_Home_Hub_modems"}, {"url": "https://0xem.ma/posts/HH3K-CVE/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:28:13.883Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.bell.ca/Internet/Connection-help/Access_control_in_the_Home_Hub_modems", "tags": ["x_transferred"]}, {"url": "https://0xem.ma/posts/HH3K-CVE/", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-200", "lang": "en", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "affected": [{"vendor": "bell", "product": "home_hub_3000_firmware", "cpes": ["cpe:2.3:o:bell:home_hub_3000_firmware:sg48222070:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "sg_48222070", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-01-10T20:54:41.123961Z", "id": "CVE-2020-11447", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-04T20:15:00.565Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://support.bell.ca/Internet/Connection-help/Access_control_in_the_Home_Hub_modems", "tags": ["x_transferred"]}, {"url": "https://0xem.ma/posts/HH3K-CVE/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:28:13.883Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2020-11447", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-01-10T20:54:41.123961Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:bell:home_hub_3000_firmware:sg48222070:*:*:*:*:*:*:*"], "vendor": "bell", "product": "home_hub_3000_firmware", "versions": [{"status": "affected", "version": "sg_48222070"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-04T20:14:54.332Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://support.bell.ca/Internet/Connection-help/Access_control_in_the_Home_Hub_modems"}, {"url": "https://0xem.ma/posts/HH3K-CVE/"}], "descriptions": [{"lang": "en", "value": "An issue was discovered on Bell HomeHub 3000 SG48222070 devices. Remote authenticated users can retrieve the serial number via cgi/json-req - this is an information leak because the serial number is intended to prove an actor's physical access to the device."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-11-17T11:57:13.355698"}}}, "cveMetadata": {"cveId": "CVE-2020-11447", "state": "PUBLISHED", "dateUpdated": "2024-09-04T20:15:00.565Z", "dateReserved": "2020-04-01T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2023-11-17T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:bell:home_hub_3000_firmware:sg48222070:*:*:*:*:*:*:*", "matchCriteriaId": "B681B30E-89C3-42FC-A379-2E032E66EC89", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:bell:home_hub_3000:-:*:*:*:*:*:*:*", "matchCriteriaId": "027D1242-2900-489B-A980-55C906957EFA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered on Bell HomeHub 3000 SG48222070 devices. Remote authenticated users can retrieve the serial number via cgi/json-req - this is an information leak because the serial number is intended to prove an actor's physical access to the device."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en los dispositivos Bell HomeHub 3000 SG48222070. Los usuarios autenticados remotamente pueden recuperar el n\u00famero de serie a trav\u00e9s de cgi/json-req; esto es una filtraci\u00f3n de informaci\u00f3n porque el n\u00famero de serie pretende demostrar el acceso f\u00edsico de un actor al dispositivo."}], "id": "CVE-2020-11447", "lastModified": "2024-09-04T21:35:01.560", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-11-17T12:15:06.967", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://0xem.ma/posts/HH3K-CVE/"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://support.bell.ca/Internet/Connection-help/Access_control_in_the_Home_Hub_modems"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}