How severe is CVE-2018-1116?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2018-1116?

This is classified as CWE-285, which is a common weakness in software security.

CVE-2018-1116

MEDIUM Year: 2018

CVSS v3 Score

4.7

Medium

CVSS v2 Score

3.6

Low

Weakness Type

CWE-285

View all →

Vulnerability Description

A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a local DoS and information disclosure.

CVE-2020-10686

MEDIUM

CVSS:4.7(Medium)

A flaw was found in Keycloak version 8.0.2 and 9.0.0, and was fixed in Keycloak version 9.0.1, where a malicious user registers as oneself. The attacker could then use the remove devices form to post ...

CWE-2852020

CVE-2019-3820

MEDIUM

CVSS:4.8(Medium)

It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain...

CWE-2852019

CVE-2016-8776

MEDIUM

CVSS:4.6(Medium)

Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some f...

CWE-2852016

CVE-2020-1908

MEDIUM

CVSS:4.6(Medium)

Improper authorization of the Screen Lock feature in WhatsApp and WhatsApp Business for iOS prior to v2.20.100 could have permitted use of Siri to interact with the WhatsApp application even after the...

CWE-2852020