How severe is CVE-2020-1801?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2020-1801?

This is classified as CWE-287, which is a common weakness in software security.

CVE-2020-1801

MEDIUM Year: 2020

CVSS v3 Score

5.5

Medium

CVSS v2 Score

4.3

Medium

Weakness Type

CWE-287

View all →

Vulnerability Description

There is an improper authentication vulnerability in several smartphones. Certain function interface in the system does not sufficiently validate the caller's identity in certain share scenario, successful exploit could cause information disclosure. Affected product versions include:Mate 30 Pro versions Versions earlier than 10.0.0.205(C00E202R7P2);Mate 30 versions Versions earlier than 10.0.0.205(C00E201R7P2).

CVE-2010-2496

MEDIUM

CVSS:5.5(Medium)

stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it possible for local attackers to gain access to passwords of the HA stack and potentially influence its op...

CWE-2872010

CVE-2014-8180

MEDIUM

CVSS:5.5(Medium)

MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service.

CWE-2872014

CVE-2016-5410

MEDIUM

CVSS:5.5(Medium)

firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry...

CWE-2872016

CVE-2018-1106

MEDIUM

CVSS:5.5(Medium)

An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to i...

CWE-2872018