Vulnerability CVE-2020-13847

Vulnerability Name:

CVE-2020-13847 (CCN-185494)

Assigned:

2020-07-14

Published:

2020-07-14

Updated:

2023-01-20

Summary:

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): High Availibility (A): None

7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): High Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Complete Availibility (A): None

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2020-13847

Source: cve@mitre.org
Type: Broken Link
cve@mitre.org

Source: cve@mitre.org
Type: Broken Link
cve@mitre.org

Source: cve@mitre.org
Type: Broken Link
cve@mitre.org

Source: XF
Type: UNKNOWN
sylabs-cve202013847-sec-bypass(185494)

Source: CCN
Type: Singularity GIT Repository
SIF Descriptor/Global Header Fields Not Signed

Source: cve@mitre.org
Type: Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Third Party Advisory
cve@mitre.org

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:202013847	V	CVE-2020-13847	2022-06-30
oval:org.opensuse.security:def:113439	P	singularity-3.8.3-1.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:64641	P	Security update for p11-kit (Important)	2021-12-22
oval:org.opensuse.security:def:64801	P	Security update for the Linux Kernel (Important)	2021-11-16
oval:org.opensuse.security:def:74382	P	Security update for libqt5-qtsvg (Moderate)	2021-10-12
oval:org.opensuse.security:def:106840	P	singularity-3.8.3-1.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:63196	P	apache2-mod_security2-2.9.2-1.34 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:64743	P	Security update for c-ares (Important)	2021-08-17
oval:org.opensuse.security:def:63489	P	libmwaw-0_3-3-0.3.17-4.9.2 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63018	P	jython-2.2.1-11.65 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62774	P	libXvnc-devel-1.9.0-19.9.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62993	P	bouncycastle-1.64-1.63 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62990	P	apache-pdfbox-1.8.16-1.68 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:64534	P	Security update for wireshark (Important)	2021-06-22
oval:org.opensuse.security:def:64533	P	Security update for salt (Critical)	2021-06-21
oval:org.opensuse.security:def:64442	P	Security update for openssl-1_1 (Important)	2020-12-09
oval:org.opensuse.security:def:64397	P	Security update for gcc10, nvptx-tools (Moderate)	2020-12-04
oval:org.opensuse.security:def:63393	P	tomcat-9.0.5-1.34 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62574	P	libpcre2-posix2-10.31-1.14 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62573	P	libpango-1_0-0-32bit-1.40.14-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63255	P	apache2-mod_wsgi-python3-4.5.18-2.27 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63619	P	gnome-shell-calendar-3.34.4+4-1.58 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62986	P	zlib-devel-32bit-1.2.11-3.12.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62597	P	ppp-2.4.7-3.28 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63053	P	libmunge2-0.5.14-4.9.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:74855	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:64288	P	krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:63946	P	Security update for ruby2.1 (Important)	2020-12-01
oval:org.opensuse.security:def:63839	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:74508	P	Security update for singularity (Important)	2020-12-01
oval:org.opensuse.security:def:64913	P	Security update for ncurses (Moderate)	2020-12-01
oval:org.opensuse.security:def:64186	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:74988	P	Security update for singularity (Important)	2020-12-01
oval:org.opensuse.security:def:64330	P	libhogweed4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64080	P	Security update for perl-DBI (Important)	2020-12-01
oval:org.opensuse.security:def:63692	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:64068	P	Security update for java-1_7_1-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:109691	P	Security update for singularity (Important)	2020-07-27
oval:org.opensuse.security:def:96344	P	Security update for singularity (Important)	2020-07-27
oval:org.opensuse.security:def:103034	P	Security update for singularity (Important)	2020-07-27
oval:org.opensuse.security:def:110132	P	Security update for singularity (Important)	2020-07-23
oval:org.opensuse.security:def:110683	P	Security update for singularity (Important)	2020-07-19

BACK