CVE-2020-14871

NVD Published Date: October 21, 2020 at 03:15 PM
NVD Last Modified: August 14, 2024 at 08:09 PM
Download Patch
Vulnerability ID
CVE-2020-14871
Severity
CRITICAL
Severity Score
10.0
Summary
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. Note: This CVE is not exploitable for Solaris 11.1 and later releases, and ZFSSA 8.7 and later releases, thus the CVSS Base Score is 0.0. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE ID
CWE-787

Recent Publish

CVE-2021-22893

2024-07 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 for x64 (KB5039895)

2024-07 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 23H2 for ARM64 (KB5039895)

2024-07 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 for ARM64 (KB5039895)

2024-07 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 23H2 for x64 (KB5039895)

2024-07 Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 for x64-based systems (KB5040426)

See SecOps Solution
in action

Schedule Demo