How severe is CVE-2020-26144?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2020-26144?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2020-26144

MEDIUM Year: 2020

CVSS v3 Score

6.5

Medium

CVSS v2 Score

3.3

Low

Weakness Type

CWE-20

View all →

Vulnerability Description

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

CVE-2009-5004

MEDIUM

CVSS:6.5(Medium)

qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use .

CWE-202009

CVE-2010-2449

MEDIUM

CVSS:6.5(Medium)

Gource through 0.26 logs to a predictable file name (/tmp/gource-$UID.tmp), enabling attackers to overwrite an arbitrary file via a symlink attack.

CWE-202010

CVE-2010-2473

MEDIUM

CVSS:6.5(Medium)

Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain circumstances. A user with an open session that was blocked could maintain their session on the Drupal si...

CWE-202010

CVE-2010-2490

MEDIUM

CVSS:6.5(Medium)

Mumble: murmur-server has DoS due to malformed client query

CWE-202010

CVE-2010-3050

MEDIUM

CVSS:6.5(Medium)

Cisco IOS before 12.2(33)SXI allows remote authenticated users to cause a denial of service (device reboot).

CWE-202010

CVE-2010-3439

MEDIUM

CVSS:6.5(Medium)

It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command.

CWE-202010

CVE-2020-26144

Vulnerability Description

Related Vulnerabilities

CVE-2009-5004

CVE-2010-2449

CVE-2010-2473

CVE-2010-2490

CVE-2010-3050

CVE-2010-3439