How severe is CVE-2020-26080?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.1 out of 10.

What type of vulnerability is CVE-2020-26080?

This is classified as CWE-284, which is a common weakness in software security.

CVE-2020-26080 - MEDIUM Severity | CVSS 4.1

Vulnerability Description

A vulnerability in the user management functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to manage user information for users in different domains on an affected system. The vulnerability is due to improper domain access control. An attacker could exploit this vulnerability by manipulating JSON payloads to target different domains on an affected system. A successful exploit could allow the attacker to manage user information for users in different domains on an affected system.

Related Vulnerabilities

CVE-2020-8179

MEDIUM

CVSS:4.1(Medium)

Improper access control in Nextcloud Deck 1.0.0 allowed an attacker to inject tasks into other users decks.

CWE-2842020

CVE-2021-3967

MEDIUM

CVSS:4.1(Medium)

Improper Access Control in GitHub repository zulip/zulip prior to 4.10.

CWE-2842021

CVE-2024-28922

MEDIUM

CVSS:4.1(Medium)

Secure Boot Security Feature Bypass Vulnerability

CWE-2842024

CVE-2024-30146

MEDIUM

CVSS:4.1(Medium)

Improper access control of endpoint in HCL Domino Leap allows certain admin users to import applications from the server's filesystem.

CWE-2842024

CVE-2024-30148

MEDIUM

CVSS:4.1(Medium)

Improper access control of endpoint in HCL Leap allows certain admin users to import applications from the server's filesystem.

CWE-2842024

CVE-2024-52514

MEDIUM

CVSS:4.1(Medium)

Nextcloud Server is a self hosted personal cloud system. After a user received a share with some files inside being blocked by the files access control, the user would still be able to copy the interm...

CWE-2842024