How severe is CVE-2020-8634?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2020-8634?

This is classified as CWE-281, which is a common weakness in software security.

CVE-2020-8634 - HIGH Severity | CVSS 7.8

Vulnerability Description

Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on files modified within the HTTP file management interface, resulting in files being saved with world-readable and world-writable permissions. If a sensitive system file were edited this way, a low-privilege user may escalate privileges to root.

Related Vulnerabilities

CVE-2001-0195

HIGH

CVSS:7.8(High)

sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking.

CWE-2812001

CVE-2017-8465

HIGH

CVSS:7.8(High)

Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to run processes in an elevated context when the Wind...

CWE-2812017

CVE-2017-8466

HIGH

CVSS:7.8(High)

Windows Cursor in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows improper elevation of privilege, aka "Windows Cursor Elevati...

CWE-2812017

CVE-2017-8468

HIGH

CVSS:7.8(High)

CWE-2812017

CVE-2017-8552

HIGH

CVSS:7.8(High)

A kernel-mode driver in Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows 8 allows an elevation of pr...

CWE-2812017

CVE-2017-8578

HIGH

CVSS:7.8(High)

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allo...

CWE-2812017