CVE-2020-26084

MEDIUM Year: 2020
CVSS v3 Score
6.5
Medium
CVSS v2 Score
5.5
Medium
Weakness Type
CWE-668
View all →

Vulnerability Description

A vulnerability in the REST API of Cisco Edge Fog Fabric could allow an authenticated, remote attacker to access files outside of their authorization sphere on an affected device. The vulnerability is due to incorrect authorization enforcement on an affected system. An attacker could exploit this vulnerability by sending a crafted request to the API. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device.

Related Vulnerabilities

CVE-2012-5639

MEDIUM
CVSS:6.5(Medium)

LibreOffice and OpenOffice automatically open embedded content

CWE-6682012

CVE-2018-20237

MEDIUM
CVSS:6.5(Medium)

Atlassian Confluence Server and Data Center before version 6.13.1 allows an authenticated user to download a deleted page via the word export feature.

CWE-6682018

CVE-2019-12875

MEDIUM
CVSS:6.5(Medium)

Alpine Linux abuild through 3.4.0 allows an unprivileged member of the abuild group to add an untrusted package via a --keys-dir option that causes acceptance of an untrusted signing key.

CWE-6682019

CVE-2019-4306

MEDIUM
CVSS:6.5(Medium)

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 specifies permissions for a security-critical resource which could lead to the exposure of sensitive information or the modification of that re...

CWE-6682019

CVE-2020-12687

MEDIUM
CVSS:6.5(Medium)

An issue was discovered in Serpico before 1.3.3. The /admin/attacments_backup endpoint can be requested by non-admin authenticated users. This means that an attacker with a user account can retrieve a...

CWE-6682020

CVE-2020-14064

MEDIUM
CVSS:6.5(Medium)

IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts.

CWE-6682020