How severe is CVE-2020-2748?

This vulnerability has a severity rating of LOW with a CVSS score of 3.2 out of 10.

What type of vulnerability is CVE-2020-2748?

This is classified as CWE-125, which is a common weakness in software security.

CVE-2020-2748 - LOW Severity | CVSS 3.2

Vulnerability Description

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 3.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N).

Related Vulnerabilities

CVE-2020-13362

LOW

CVSS:3.2(Low)

In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.

CWE-1252020

CVE-2021-27260

LOW

CVSS:3.2(Low)

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.0.1-48919. An attacker must first obtain the ability to execute high-privi...

CWE-1252021

CVE-2016-2091

LOW

CVSS:3.3(Low)

The dwarf_read_cie_fde_prefix function in dwarf_frame2.c in libdwarf 20151114 allows attackers to cause a denial of service (out-of-bounds read) via a crafted ELF object file.

CWE-1252016

CVE-2016-8334

LOW

CVSS:3.3(Low)

A large out-of-bounds read on the heap vulnerability in Foxit PDF Reader can potentially be abused for information disclosure. Combined with another vulnerability, it can be used to leak heap memory l...

CWE-1252016

CVE-2017-2806

LOW

CVSS:3.3(Low)

An exploitable arbitrary read exists in the XLS parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted XLS document can lead to a arbitrary read resulting in memory di...

CWE-1252017

CVE-2017-3021

LOW

CVSS:3.3(Low)

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser engine.

CWE-1252017