How severe is CVE-2020-14768?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.3 out of 10.

What type of vulnerability is CVE-2020-14768?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2020-14768

MEDIUM Year: 2020

CVSS v3 Score

4.3

Medium

CVSS v2 Score

4.0

Medium

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

Vulnerability in the Hyperion Analytic Provider Services product of Oracle Hyperion (component: Smart View Provider). The supported version that is affected is 11.1.2.4. Difficult to exploit vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the Hyperion Analytic Provider Services executes to compromise Hyperion Analytic Provider Services. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Hyperion Analytic Provider Services accessible data as well as unauthorized read access to a subset of Hyperion Analytic Provider Services accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Hyperion Analytic Provider Services. CVSS 3.1 Base Score 4.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L).

CVE-2011-4820

MEDIUM

CVSS:4.3(Medium)

IBM Rational Asset Manager 7.5 could allow a remote attacker to bypass security restrictions. An attacker could exploit this vulnerability using the UID parameter to modify another user's preferences.

NVD-CWE-Other2011

CVE-2015-1971

MEDIUM

CVSS:4.3(Medium)

Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Quality Manag...

NVD-CWE-Other2015

CVE-2015-6479

MEDIUM

CVSS:4.3(Medium)

ACEmanager in Sierra Wireless ALEOS 4.4.2 and earlier on ES440, ES450, GX400, GX440, GX450, and LS300 devices allows remote attackers to read the filteredlogs.txt file, and consequently discover poten...

NVD-CWE-Other2015

CVE-2016-0162

MEDIUM

CVSS:4.3(Medium)

Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet Explorer Information Disclosure Vulnerability."

NVD-CWE-Other2016

CVE-2016-11050

MEDIUM

CVSS:4.3(Medium)

An issue was discovered on Samsung mobile devices with S3(KK), Note2(KK), S4(L), Note3(L), and S5(L) software. An attacker can rewrite the IMEI by flashing crafted firmware. The Samsung ID is SVE-2016...

NVD-CWE-Other2016

CVE-2016-3422

MEDIUM

CVSS:4.3(Medium)

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D.

NVD-CWE-Other2016

CVE-2020-14768

Vulnerability Description

Related Vulnerabilities

CVE-2011-4820

CVE-2015-1971

CVE-2015-6479

CVE-2016-0162

CVE-2016-11050

CVE-2016-3422