How severe is CVE-2019-20676?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6 out of 10.

What type of vulnerability is CVE-2019-20676?

This is classified as CWE-862, which is a common weakness in software security.

CVE-2019-20676

MEDIUM Year: 2019

CVSS v3 Score

6.0

Medium

CVSS v2 Score

3.6

Low

Weakness Type

CWE-862

View all →

Vulnerability Description

Certain NETGEAR devices are affected by lack of access control at the function level. This affects FS728TLP before 1.0.1.26, GS105Ev2 before 1.6.0.4, GS105PE before 1.6.0.4, GS108Ev3 before 2.06.08, GS108PEv3 before 2.06.08, GS110EMX before 1.0.1.4, GS116Ev2 before 2.6.0.35, GS408EPP before 1.0.0.15, GS724TPv2 before 1.1.1.29, GS808E before 1.7.0.7, GS810EMX before 1.7.1.1, GS908E before 1.7.0.3, GSS108E before 1.6.0.4, GSS108EPP before 1.0.0.15, GSS116E before 1.6.0.9, JGS516PE before 2.6.0.35, JGS524Ev2 before 2.6.0.35, JGS524PE before 2.6.0.35, XS512EM before 1.0.1.1, XS708Ev2 before 1.6.0.23, XS716E before 1.6.0.23, and XS724EM before 1.0.1.1.

CVE-2021-32015

MEDIUM

CVSS:6.0(Medium)

In Nuvoton NPCT75x TPM 1.2 firmware 7.4.0.0, a local authenticated malicious user with high privileges could potentially gain unauthorized access to TPM non-volatile memory. NOTE: Upgrading to firmwar...

CWE-8622021

CVE-2017-7677

MEDIUM

CVSS:5.9(Medium)

In environments that use external location for hive tables, Hive Authorizer in Apache Ranger before 0.7.1 should be checking RWX permission for create table.

CWE-8622017

CVE-2019-0201

MEDIUM

CVSS:5.9(Medium)

An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL() command doesn’t check any permission when retrieves the ACLs of the requested node and retur...

CWE-8622019

CVE-2020-10746

MEDIUM

CVSS:6.1(Medium)

A flaw was found in Infinispan (org.infinispan:infinispan-server-runtime) version 10, where it permits local access to controls via both REST and HotRod APIs. This flaw allows a user authenticated to ...

CWE-8622020

CVE-2020-4175

MEDIUM

CVSS:5.9(Medium)

IBM Security Guardium Insights 2.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit t...

CWE-8622020

CVE-2020-4413

MEDIUM

CVSS:5.9(Medium)

IBM Security Secret Server 10.7 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this v...

CWE-8622020

CVE-2019-20676

Vulnerability Description

Related Vulnerabilities

CVE-2021-32015

CVE-2017-7677

CVE-2019-0201

CVE-2020-10746

CVE-2020-4175

CVE-2020-4413