How severe is CVE-2020-3472?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5 out of 10.

What type of vulnerability is CVE-2020-3472?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2020-3472

MEDIUM Year: 2020

CVSS v3 Score

5.0

Medium

CVSS v2 Score

4.0

Medium

Weakness Type

CWE-200

View all →

Vulnerability Description

A vulnerability in the contacts feature of Cisco Webex Meetings could allow an authenticated, remote attacker with a legitimate user account to access sensitive information. The vulnerability is due to improper access restrictions on users who are added within user contacts. An attacker on one Webex Meetings site could exploit this vulnerability by sending specially crafted requests to the Webex Meetings site. A successful exploit could allow the attacker to view the details of users on another Webex site, including user names and email addresses.

CVE-2015-2253

MEDIUM

CVSS:5.0(Medium)

The XML interface in Huawei OceanStor UDS devices with software before V100R002C01SPC102 allows remote authenticated users to obtain sensitive information via a crafted XML document.

CWE-2002015

CVE-2016-0073

MEDIUM

CVSS:5.0(Medium)

The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an ...

CWE-2002016

CVE-2016-0079

MEDIUM

CVSS:5.0(Medium)

The kernel in Microsoft Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an API call to access sensitive information in the registry, aka "Win...

CWE-2002016

CVE-2016-3232

MEDIUM

CVSS:5.0(Medium)

The Virtual PCI (VPCI) virtual service provider in Microsoft Windows Server 2012 Gold and R2 allows local users to obtain sensitive information from uninitialized memory locations via a crafted applic...

CWE-2002016

CVE-2016-3256

MEDIUM

CVSS:5.0(Medium)

Microsoft Windows 10 Gold and 1511 allows local users to bypass the Secure Kernel Mode protection mechanism and obtain sensitive information via a crafted application, aka "Windows Secure Kernel Mode ...

CWE-2002016

CVE-2017-0282

MEDIUM

CVSS:5.0(Medium)

Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016, Microsoft Office 2...

CWE-2002017

CVE-2020-3472

Vulnerability Description

Related Vulnerabilities

CVE-2015-2253

CVE-2016-0073

CVE-2016-0079

CVE-2016-3232

CVE-2016-3256

CVE-2017-0282