How severe is CVE-2020-16134?

This vulnerability has a severity rating of HIGH with a CVSS score of 8 out of 10.

What type of vulnerability is CVE-2020-16134?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2020-16134

HIGH Year: 2020

CVSS v3 Score

8.0

High

CVSS v2 Score

7.7

High

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

An issue was discovered on Swisscom Internet Box 2, Internet Box Standard, Internet Box Plus prior to 10.04.38, Internet Box 3 prior to 11.01.20, and Internet Box light prior to 08.06.06. Given the (user-configurable) credentials for the local Web interface or physical access to a device's plus or reset button, an attacker can create a user with elevated privileges on the Sysbus-API. This can then be used to modify local or remote SSH access, thus allowing a login session as the superuser.

CVE-2016-1991

HIGH

CVSS:8.0(High)

HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to conduct unspecified "file download"...

NVD-CWE-Other2016

CVE-2017-10403

HIGH

CVSS:8.0(High)

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: iQuery). Supported versions that are affected are 8.5.1 and 9.0.0. Difficult...

NVD-CWE-Other2017

CVE-2017-16674

HIGH

CVSS:8.0(High)

Datto Windows Agent allows unauthenticated remote command execution via a modified command in conjunction with CVE-2017-16673 exploitation, aka an attack with a malformed primary whitelisted command a...

NVD-CWE-Other2017

CVE-2018-2601

HIGH

CVSS:8.0(High)

Vulnerability in the Oracle Internet Directory component of Oracle Fusion Middleware (subcomponent: Oracle Directory Services Manager). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0 ...

NVD-CWE-Other2018

CVE-2018-3662

HIGH

CVSS:8.0(High)

Escalation of privilege in Intel Saffron MemoryBase before version 11.4 potentially allows an authorized user of the Saffron application to execute arbitrary code as root.

NVD-CWE-Other2018

CVE-2018-5234

HIGH

CVSS:8.0(High)

The Norton Core router prior to v237 may be susceptible to a command injection exploit. This is a type of attack in which the goal is execution of arbitrary commands on the host system via vulnerable ...

NVD-CWE-Other2018

CVE-2020-16134

Vulnerability Description

Related Vulnerabilities

CVE-2016-1991

CVE-2017-10403

CVE-2017-16674

CVE-2018-2601

CVE-2018-3662

CVE-2018-5234