Vulnerability CVE-2020-16118

Vulnerability Name:

CVE-2020-16118 (CCN-186097)

Assigned:

2020-02-08

Published:

2020-02-08

Updated:

2023-02-03

Summary:

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
4.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2020-16118

Source: cve@mitre.org
Type: Mailing List, Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Mailing List, Third Party Advisory
cve@mitre.org

Source: XF
Type: UNKNOWN
balsa-cve202016118-dos(186097)

Source: CCN
Type: Balsa GIT Repository
balsa

Source: cve@mitre.org
Type: Patch, Third Party Advisory
cve@mitre.org

Source: CCN
Type: GNOME GIT Repository
crash due to null pointer access when imap server sends early preauth

Source: cve@mitre.org
Type: Exploit, Third Party Advisory
cve@mitre.org

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:202016118	V	CVE-2020-16118	2021-10-24
oval:org.opensuse.security:def:63431	P	libgstreamer-1_0-0-32bit-1.16.2-1.53 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63091	P	java-1_8_0-ibm-1.8.0_sr6.25-3.50.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:62812	P	libsmi-devel-0.4.8-1.29 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:64480	P	Security update for librsvg (Important)	2021-04-28
oval:org.opensuse.security:def:64224	P	Security update for gcc10, nvptx-tools (Moderate)	2020-12-04
oval:org.opensuse.security:def:62611	P	ImageMagick-7.0.7.34-8.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62612	P	MozillaFirefox-68.8.0-3.87.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63293	P	postgresql-contrib-12-2.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62635	P	gnome-settings-daemon-3.34.2+0-2.12 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:74420	P	Security update for epiphany (Moderate)	2020-12-01
oval:org.opensuse.security:def:63657	P	Security update for mailman (Important)	2020-12-01
oval:org.opensuse.security:def:64326	P	libgcrypt-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:74546	P	Security update for balsa (Moderate)	2020-12-01
oval:org.opensuse.security:def:63984	P	Security update for libqt5-qtbase (Important)	2020-12-01
oval:org.opensuse.security:def:64368	P	libpng12-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64118	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:93504	P	Security update for balsa (Moderate)	2020-08-18
oval:org.opensuse.security:def:100217	P	(Important)	2020-08-18
oval:org.opensuse.security:def:110170	P	Security update for balsa (Moderate)	2020-08-14

BACK