How severe is CVE-2020-1803?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2020-1803?

This is classified as CWE-287, which is a common weakness in software security.

CVE-2020-1803 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

Huawei smartphones Honor V20 with versions earlier than 10.0.0.179(C636E3R4P3),versions earlier than 10.0.0.180(C185E3R3P3),versions earlier than 10.0.0.180(C432E10R3P4) have an information disclosure vulnerability. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, successful exploit could cause information disclosure.

Related Vulnerabilities

CVE-2013-1596

MEDIUM

CVSS:5.3(Medium)

An Authentication Bypass Vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via specially crafted RTSP packets to TCP port 554.

CWE-2872013

CVE-2013-1600

MEDIUM

CVSS:5.3(Medium)

An Authentication Bypass vulnerability exists in upnp/asf-mp4.asf when streaming live video in D-Link TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-2121 1.06_FR, 1.06, and 1.05_RU, DCS-210...

CWE-2872013

CVE-2016-2102

MEDIUM

CVSS:5.3(Medium)

HAProxy statistics in openstack-tripleo-image-elements are non-authenticated over the network.

CWE-2872016

CVE-2016-5133

MEDIUM

CVSS:5.3(Medium)

Google Chrome before 52.0.2743.82 mishandles origin information during proxy authentication, which allows man-in-the-middle attackers to spoof a proxy-authentication login prompt or trigger incorrect ...

CWE-2872016

CVE-2016-9646

MEDIUM

CVSS:5.3(Medium)

ikiwiki before 3.20161229 incorrectly called the CGI::FormBuilder->field method (similar to the CGI->param API that led to Bugzilla's CVE-2014-1572), which can be abused to lead to commit metadata for...

CWE-2872016

CVE-2017-15272

MEDIUM

CVSS:5.3(Medium)

The PSFTPd 10.0.4 Build 729 server stores its configuration inside PSFTPd.dat. This file is a Microsoft Access Database and can be extracted. The application sets the encrypt flag with the password "I...

CWE-2872017