How severe is CVE-2020-28198?

This vulnerability has a severity rating of HIGH with a CVSS score of 7 out of 10.

What type of vulnerability is CVE-2020-28198?

This is classified as CWE-787, which is a common weakness in software security.

CVE-2020-28198 - HIGH Severity | CVSS 7

Vulnerability Description

The 'id' parameter of IBM Tivoli Storage Manager Version 5 Release 2 (Command Line Administrative Interface, dsmadmc.exe) is vulnerable to an exploitable stack buffer overflow. Note: the vulnerability can be exploited when it is used in "interactive" mode while, cause of a max number characters limitation, it cannot be exploited in batch or command line usage (e.g. dsmadmc.exe -id=username -password=pwd). NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Related Vulnerabilities

CVE-2016-8617

HIGH

CVSS:7.0(High)

The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via `CURLOPT_USERNAME`.

CWE-7872016

CVE-2017-0325

HIGH

CVSS:7.0(High)

An elevation of privilege vulnerability in the NVIDIA I2C HID driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High ...

CWE-7872017

CVE-2017-0332

HIGH

CVSS:7.0(High)

An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High b...

CWE-7872017

CVE-2017-0453

HIGH

CVSS:7.0(High)

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High ...

CWE-7872017

CVE-2017-0608

HIGH

CVSS:7.0(High)

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High ...

CWE-7872017

CVE-2017-16551

HIGH

CVSS:7.0(High)

K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way.

CWE-7872017