How severe is CVE-2020-12618?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.8 out of 10.

What type of vulnerability is CVE-2020-12618?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2020-12618

MEDIUM Year: 2020

CVSS v3 Score

4.8

Medium

CVSS v2 Score

5.8

Medium

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

eM Client before 7.2.33412.0 automatically imported S/MIME certificates and thereby silently replaced existing ones. This allowed a man-in-the-middle attacker to obtain an email-validated S/MIME certificate from a trusted CA and replace the public key of the entity to be impersonated. This enabled the attacker to decipher further communication. The entire attack could be accomplished by sending a single email.

CVE-2016-5541

MEDIUM

CVSS:4.8(Medium)

Vulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: NDBAPI). Supported versions that are affected are 7.2.26 and earlier, 7.3.14 and earlier and 7.4.12 and earlier. Di...

NVD-CWE-Other2016

CVE-2017-10063

MEDIUM

CVSS:4.8(Medium)

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.1 and 12.2.1.2. Diff...

NVD-CWE-Other2017

CVE-2017-10149

MEDIUM

CVSS:4.8(Medium)

Vulnerability in the Primavera Unifier component of Oracle Primavera Products Suite (subcomponent: Platform). Supported versions that are affected are 9.13, 9.14, 10.1, 10.2, 15.1, 15.2, 16.1 and 16.2...

NVD-CWE-Other2017

CVE-2017-10161

MEDIUM

CVSS:4.8(Medium)

Vulnerability in the Oracle Engineering Data Management component of Oracle Supply Chain Products Suite (subcomponent: Web Services Security). Supported versions that are affected are 6.1.3.0 and 6.2....

NVD-CWE-Other2017

CVE-2017-10386

MEDIUM

CVSS:4.8(Medium)

Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). The supported version that is affected is Java Advanced Management Console: 2.7. Easily exploi...

NVD-CWE-Other2017

CVE-2018-2599

MEDIUM

CVSS:4.8(Medium)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embed...

NVD-CWE-Other2018

CVE-2020-12618

Vulnerability Description

Related Vulnerabilities

CVE-2016-5541

CVE-2017-10063

CVE-2017-10149

CVE-2017-10161

CVE-2017-10386

CVE-2018-2599