How severe is CVE-2020-1596?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2020-1596?

This is classified as CWE-327, which is a common weakness in software security.

CVE-2020-1596 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

A information disclosure vulnerability exists when TLS components use weak hash algorithms. An attacker who successfully exploited this vulnerability could obtain information to further compromise a users's encrypted transmission channel. To exploit the vulnerability, an attacker would have to conduct a man-in-the-middle attack. The update addresses the vulnerability by correcting how TLS components use hash algorithms.

Related Vulnerabilities

CVE-2018-18587

MEDIUM

CVSS:5.3(Medium)

BigProf AppGini 5.70 stores the passwords in the database using the MD5 hash.

CWE-3272018

CVE-2018-1996

MEDIUM

CVSS:5.3(Medium)

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected security, caused by the improper TLS configuration. A remote attacker could exploit this vulnerability to obt...

CWE-3272018

CVE-2019-4325

MEDIUM

CVSS:5.3(Medium)

"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."

CWE-3272019

CVE-2019-5135

MEDIUM

CVSS:5.3(Medium)

An exploitable timing discrepancy vulnerability exists in the authentication functionality of the Web-Based Management (WBM) web application on WAGO PFC100/200 controllers. The WBM application makes u...

CWE-3272019

CVE-2019-9836

MEDIUM

CVSS:5.3(Medium)

Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic impl...

CWE-3272019

CVE-2020-1810

MEDIUM

CVSS:5.3(Medium)

There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers...

CWE-3272020