Security Announcement-Statement on Ripple20 Vulnerability
19-08-2020
Overview
The JSOF research lab has discovered a series of zero-day vulnerabilities in low-level TCP/IP software library developed by Treck, Inc. The 19 vulnerabilities are collectively referred to as “Ripple20”.
The vulnerability number is:
CVE-2020-11896
CVE-2020-11897
CVE-2020-11898
CVE-2020-11899
CVE-2020-11900
CVE-2020-11901
CVE-2020-11902
CVE-2020-11903
CVE-2020-11904
CVE-2020-11905
CVE-2020-11906
CVE-2020-11907
CVE-2020-11908
CVE-2020-11909
CVE-2020-11910
CVE-2020-11911
CVE-2020-11912
CVE-2020-11913
CVE-2020-11914
Analysis has confirmed that H3C equipment is not affected by this vulnerability.
Update records
2020-07-20 FINAL
H3C security emergency response external service
H3C advocates that every effort be made to safeguard the ultimate interests of product users, to abide by principles of responsible disclosure of security incidents, and to handle product security issues in accordance with security issues mechanisms. For information on H3C's security emergency response service and H3C product vulnerabilities, please visit https://www.h3c.com/en/Support/Online_Help/psirt/.