How severe is CVE-2020-2907?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2020-2907?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2020-2907 - HIGH Severity | CVSS 7.5

Vulnerability Description

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).

Related Vulnerabilities

CVE-2000-0258

HIGH

CVSS:7.5(High)

IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability.

CWE-202000

CVE-2008-2169

HIGH

CVSS:7.5(High)

Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue t...

CWE-202008

CVE-2008-2170

HIGH

CVSS:7.5(High)

Unspecified vulnerability in Century routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue...

CWE-202008

CVE-2008-2173

HIGH

CVSS:7.5(High)

Unspecified vulnerability in Yamaha routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue ...

CWE-202008

CVE-2009-5050

HIGH

CVSS:7.5(High)

konversation before 1.2.3 allows attackers to cause a denial of service.

CWE-202009

CVE-2010-1678

HIGH

CVSS:7.5(High)

Mapserver 5.2, 5.4 and 5.6 before 5.6.5-2 improperly validates symbol index values during Mapfile parsing.

CWE-202010