How severe is CVE-2020-1788?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2020-1788?

This is classified as CWE-287, which is a common weakness in software security.

CVE-2020-1788

MEDIUM Year: 2020

CVSS v3 Score

5.5

Medium

CVSS v2 Score

4.3

Medium

Weakness Type

CWE-287

View all →

Vulnerability Description

Honor V30 smartphones with versions earlier than 10.0.1.135(C00E130R4P1) have an improper authentication vulnerability. Certain applications do not properly validate the identity of another application who would call its interface. An attacker could trick the user into installing a malicious application. Successful exploit could allow unauthorized actions leading to information disclosure.

CVE-2010-2496

MEDIUM

CVSS:5.5(Medium)

stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it possible for local attackers to gain access to passwords of the HA stack and potentially influence its op...

CWE-2872010

CVE-2014-8180

MEDIUM

CVSS:5.5(Medium)

MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service.

CWE-2872014

CVE-2016-5410

MEDIUM

CVSS:5.5(Medium)

firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry...

CWE-2872016

CVE-2018-1106

MEDIUM

CVSS:5.5(Medium)

An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to i...

CWE-2872018