How severe is CVE-2020-5417?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.5 out of 10.

What type of vulnerability is CVE-2020-5417?

This is classified as CWE-732, which is a common weakness in software security.

CVE-2020-5417 - HIGH Severity | CVSS 8.5

Vulnerability Description

Cloud Foundry CAPI (Cloud Controller), versions prior to 1.97.0, when used in a deployment where an app domain is also the system domain (which is true in the default CF Deployment manifest), were vulnerable to developers maliciously or accidentally claiming certain sensitive routes, potentially resulting in the developer's app handling some requests that were expected to go to certain system components.

Related Vulnerabilities

CVE-2018-1197

HIGH

CVSS:8.5(High)

In Windows Stemcells versions prior to 1200.14, apps running inside containers in Windows on Google Cloud Platform are able to access the metadata endpoint. A malicious developer could use this access...

CWE-7322018

CVE-2017-11652

HIGH

CVSS:8.4(High)

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory, which allows local users to gain privileges via a Trojan horse dbghelp.dll file.

CWE-7322017

CVE-2025-0064

HIGH

CVSS:8.7(High)

Under specific conditions, the Central Management Console of the SAP BusinessObjects Business Intelligence platform allows an attacker with admin rights to generate or retrieve a secret passphrase, en...

CWE-7322025

CVE-2007-6033

HIGH

CVSS:8.8(High)

Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure permissions (Everyone/Full Control), which allows remote authenticated attackers, and possibly anonymous users, to execute arbitrar...

CWE-7322007

CVE-2017-0311

HIGH

CVSS:8.8(High)

NVIDIA GPU Display Driver R378 contains a vulnerability in the kernel mode layer handler where improper access control may lead to denial of service or possible escalation of privileges.

CWE-7322017

CVE-2017-0784

HIGH

CVSS:8.8(High)

A elevation of privilege vulnerability in the Android system (nfc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37287958.

CWE-7322017