Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-46397

FP.io VPP (Vector Packet Processor) 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 19.08, and 19.04 Generates a Predictable IV with CBC Mode.

Published

2023-03-28T22:15:09.243

Last Modified

2025-02-19T19:15:11.217

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
NVD-CWE-Other
Type: Secondary
CWE-329

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	lfprojects	vector_packet_processor	19.04	Yes
Application	lfprojects	vector_packet_processor	19.08	Yes
Application	lfprojects	vector_packet_processor	20.01	Yes
Application	lfprojects	vector_packet_processor	20.05	Yes
Application	lfprojects	vector_packet_processor	20.09	Yes
Application	lfprojects	vector_packet_processor	21.01	Yes
Application	lfprojects	vector_packet_processor	21.06	Yes
Application	lfprojects	vector_packet_processor	21.10	Yes
Application	lfprojects	vector_packet_processor	22.02	Yes
Application	lfprojects	vector_packet_processor	22.06	Yes
Application	lfprojects	vector_packet_processor	22.10	Yes

References

https://lists.fd.io/g/security-announce/message/2 Vendor Advisory ([email protected])
https://s3-docs.fd.io/vpp/23.02/ Product ([email protected])
https://lists.fd.io/g/security-announce/message/2 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://s3-docs.fd.io/vpp/23.02/ Product (af854a3a-2127-422b-91ae-364da2661108)