How severe is CVE-2020-3216?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.8 out of 10.

What type of vulnerability is CVE-2020-3216?

This is classified as CWE-287, which is a common weakness in software security.

CVE-2020-3216

MEDIUM Year: 2020

CVSS v3 Score

6.8

Medium

CVSS v2 Score

7.2

High

Weakness Type

CWE-287

View all →

Vulnerability Description

A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, physical attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authentication mechanisms for certain commands. An attacker could exploit this vulnerability by stopping the boot initialization of an affected device. A successful exploit could allow the attacker to bypass authentication and gain unrestricted access to the root shell of the affected device.

CVE-2014-2005

MEDIUM

CVSS:6.8(Medium)

Sophos Disk Encryption (SDE) 5.x in Sophos Enterprise Console (SEC) 5.x before 5.2.2 does not enforce intended authentication requirements for a resume action from sleep mode, which allows physically ...

CWE-2872014

CVE-2016-4484

MEDIUM

CVSS:6.8(Medium)

The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password.

CWE-2872016

CVE-2017-10709

MEDIUM

CVSS:6.8(Medium)

The lockscreen on Elephone P9000 devices (running Android 6.0) allows physically proximate attackers to bypass a wrong-PIN lockout feature by pressing backspace after each PIN guess.

CWE-2872017

CVE-2017-12610

MEDIUM

CVSS:6.8(Medium)

In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication wh...

CWE-2872017

CVE-2017-15351

MEDIUM

CVSS:6.8(Medium)

The 'Find Phone' function in Huawei Honor V9 play smart phones with versions earlier than Jimmy-AL00AC00B135 has an authentication bypass vulnerability. Due to improper authentication realization in t...

CWE-2872017

CVE-2017-16242

MEDIUM

CVSS:6.8(Medium)

An issue was discovered on MECO USB Memory Stick with Fingerprint MECOZiolsamDE601 devices. The fingerprint authentication requirement for data access can be bypassed. An attacker with physical access...

CWE-2872017

CVE-2020-3216

Vulnerability Description

Related Vulnerabilities

CVE-2014-2005

CVE-2016-4484

CVE-2017-10709

CVE-2017-12610

CVE-2017-15351

CVE-2017-16242