How severe is CVE-2020-14878?

This vulnerability has a severity rating of HIGH with a CVSS score of 8 out of 10.

What type of vulnerability is CVE-2020-14878?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2020-14878

HIGH Year: 2020

CVSS v3 Score

8.0

High

CVSS v2 Score

7.7

High

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 8.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

CVE-2016-1991

HIGH

CVSS:8.0(High)

HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to conduct unspecified "file download"...

NVD-CWE-Other2016

CVE-2017-10403

HIGH

CVSS:8.0(High)

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: iQuery). Supported versions that are affected are 8.5.1 and 9.0.0. Difficult...

NVD-CWE-Other2017

CVE-2017-16674

HIGH

CVSS:8.0(High)

Datto Windows Agent allows unauthenticated remote command execution via a modified command in conjunction with CVE-2017-16673 exploitation, aka an attack with a malformed primary whitelisted command a...

NVD-CWE-Other2017

CVE-2018-2601

HIGH

CVSS:8.0(High)

Vulnerability in the Oracle Internet Directory component of Oracle Fusion Middleware (subcomponent: Oracle Directory Services Manager). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0 ...

NVD-CWE-Other2018

CVE-2018-3662

HIGH

CVSS:8.0(High)

Escalation of privilege in Intel Saffron MemoryBase before version 11.4 potentially allows an authorized user of the Saffron application to execute arbitrary code as root.

NVD-CWE-Other2018

CVE-2018-5234

HIGH

CVSS:8.0(High)

The Norton Core router prior to v237 may be susceptible to a command injection exploit. This is a type of attack in which the goal is execution of arbitrary commands on the host system via vulnerable ...

NVD-CWE-Other2018

CVE-2020-14878

Vulnerability Description

Related Vulnerabilities

CVE-2016-1991

CVE-2017-10403

CVE-2017-16674

CVE-2018-2601

CVE-2018-3662

CVE-2018-5234