Vulnerability Name:

CVE-2020-13846 (CCN-185495)

Assigned:2020-07-14
Published:2020-07-14
Updated:2023-01-20
Summary:
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availibility (A): None
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2020-13846

Source: cve@mitre.org
Type: Broken Link
cve@mitre.org

Source: cve@mitre.org
Type: Broken Link
cve@mitre.org

Source: cve@mitre.org
Type: Broken Link
cve@mitre.org

Source: XF
Type: UNKNOWN
sylabs-cve202013846-weak-security(185495)

Source: CCN
Type: Singularity GIT Repository
Verify All Returns Success Despite Validation Failures

Source: cve@mitre.org
Type: Patch, Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Third Party Advisory
cve@mitre.org

Oval Definitions
Definition IDClassTitleLast Modified
oval:org.opensuse.security:def:202013846
V
CVE-2020-13846
2022-06-30
oval:org.opensuse.security:def:113439
P
singularity-3.8.3-1.2 on GA media (Moderate)
2022-01-17
oval:org.opensuse.security:def:64641
P
Security update for p11-kit (Important)
2021-12-22
oval:org.opensuse.security:def:64801
P
Security update for the Linux Kernel (Important)
2021-11-16
oval:org.opensuse.security:def:74382
P
Security update for libqt5-qtsvg (Moderate)
2021-10-12
oval:org.opensuse.security:def:106840
P
singularity-3.8.3-1.2 on GA media (Moderate)
2021-10-01
oval:org.opensuse.security:def:63196
P
apache2-mod_security2-2.9.2-1.34 on GA media (Moderate)
2021-09-21
oval:org.opensuse.security:def:64743
P
Security update for c-ares (Important)
2021-08-17
oval:org.opensuse.security:def:63489
P
libmwaw-0_3-3-0.3.17-4.9.2 on GA media (Moderate)
2021-08-10
oval:org.opensuse.security:def:63018
P
jython-2.2.1-11.65 on GA media (Moderate)
2021-08-09
oval:org.opensuse.security:def:62774
P
libXvnc-devel-1.9.0-19.9.1 on GA media (Moderate)
2021-08-09
oval:org.opensuse.security:def:62993
P
bouncycastle-1.64-1.63 on GA media (Moderate)
2021-08-09
oval:org.opensuse.security:def:62990
P
apache-pdfbox-1.8.16-1.68 on GA media (Moderate)
2021-08-09
oval:org.opensuse.security:def:64534
P
Security update for wireshark (Important)
2021-06-22
oval:org.opensuse.security:def:64533
P
Security update for salt (Critical)
2021-06-21
oval:org.opensuse.security:def:64442
P
Security update for openssl-1_1 (Important)
2020-12-09
oval:org.opensuse.security:def:64397
P
Security update for gcc10, nvptx-tools (Moderate)
2020-12-04
oval:org.opensuse.security:def:63393
P
tomcat-9.0.5-1.34 on GA media (Moderate)
2020-12-03
oval:org.opensuse.security:def:62574
P
libpcre2-posix2-10.31-1.14 on GA media (Moderate)
2020-12-03
oval:org.opensuse.security:def:62573
P
libpango-1_0-0-32bit-1.40.14-3.3.1 on GA media (Moderate)
2020-12-03
oval:org.opensuse.security:def:63255
P
apache2-mod_wsgi-python3-4.5.18-2.27 on GA media (Moderate)
2020-12-03
oval:org.opensuse.security:def:63619
P
gnome-shell-calendar-3.34.4+4-1.58 on GA media (Moderate)
2020-12-03
oval:org.opensuse.security:def:62986
P
zlib-devel-32bit-1.2.11-3.12.1 on GA media (Moderate)
2020-12-03
oval:org.opensuse.security:def:62597
P
ppp-2.4.7-3.28 on GA media (Moderate)
2020-12-03
oval:org.opensuse.security:def:63053
P
libmunge2-0.5.14-4.9.1 on GA media (Moderate)
2020-12-03
oval:org.opensuse.security:def:74855
P
Security update for LibVNCServer (Important)
2020-12-01
oval:org.opensuse.security:def:64288
P
krb5 on GA media (Moderate)
2020-12-01
oval:org.opensuse.security:def:63946
P
Security update for ruby2.1 (Important)
2020-12-01
oval:org.opensuse.security:def:63839
P
Security update for java-1_7_0-openjdk (Important)
2020-12-01
oval:org.opensuse.security:def:74508
P
Security update for singularity (Important)
2020-12-01
oval:org.opensuse.security:def:64913
P
Security update for ncurses (Moderate)
2020-12-01
oval:org.opensuse.security:def:64186
P
Security update for the Linux Kernel (Important)
2020-12-01
oval:org.opensuse.security:def:74988
P
Security update for singularity (Important)
2020-12-01
oval:org.opensuse.security:def:64330
P
libhogweed4 on GA media (Moderate)
2020-12-01
oval:org.opensuse.security:def:64080
P
Security update for perl-DBI (Important)
2020-12-01
oval:org.opensuse.security:def:63692
P
Security update for java-1_7_1-ibm (Important)
2020-12-01
oval:org.opensuse.security:def:64068
P
Security update for java-1_7_1-ibm (Moderate)
2020-12-01
oval:org.opensuse.security:def:109691
P
Security update for singularity (Important)
2020-07-27
oval:org.opensuse.security:def:96344
P
Security update for singularity (Important)
2020-07-27
oval:org.opensuse.security:def:103034
P
Security update for singularity (Important)
2020-07-27
oval:org.opensuse.security:def:110132
P
Security update for singularity (Important)
2020-07-23
oval:org.opensuse.security:def:110683
P
Security update for singularity (Important)
2020-07-19
BACK