Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2020-13776
HistoryJun 03, 2020 - 3:15 a.m.

CVE-2020-13776

2020-06-0303:15:10
CWE-269
[email protected]
web.nvd.nist.gov
147
systemd
cve-2020-13776
nvd
security
incomplete fix
privilege escalation
vulnerability
numerical usernames

6.2 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

8.1 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.7%

JSON

systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.

Affected configurations

NVD
Node
systemd_projectsystemdRange245
Node
netappactive_iq_unified_managerMatch-vmware_vsphere
OR
netappsolidfire_\&_hci_management_nodeMatch-
Node
fedoraprojectfedoraMatch32

Related

osv 3
openvas 8
nessus 20
prion 2
veracode 1
nvd 2
ubuntucve 2
f5 1
broadcom 1
debiancve 2
cvelist 2
altlinux 1
mageia 1
fedora 1
cbl_mariner 1
redhatcve 2
rocky 1
almalinux 1
redhat 12
oraclelinux 1
photon 6
amazon 1
cve 1
kitploit 1
rosalinux 1
ibm 2
ics 1
osv
osv
CVE-2020-13776
2020-06-03 03:15:10
Moderate: systemd security, bug fix, and enhancement update
2021-05-18 05:39:12
CVE-2017-1000082
2017-07-07 17:29:00
openvas
openvas
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2021-1258)
2021-02-05 00:00:00
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2021-1174)
2021-02-02 00:00:00
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2021-1534)
2021-03-05 00:00:00
nessus
nessus
EulerOS 2.0 SP9 : systemd (EulerOS-SA-2021-1277)
2021-02-05 00:00:00
EulerOS 2.0 SP9 : systemd (EulerOS-SA-2021-1258)
2021-02-05 00:00:00
EulerOS Virtualization for ARM 64 3.0.6.0 : systemd (EulerOS-SA-2021-1534)
2021-03-04 00:00:00
prion
prion
Buffer overflow
2020-06-03 03:15:00
Design/Logic Flaw
2017-07-07 17:29:00
veracode
veracode
Privilege Escalation
2020-06-04 05:32:51
nvd
nvd
CVE-2020-13776
2020-06-03 03:15:10
CVE-2017-1000082
2017-07-07 17:29:00
ubuntucve
ubuntucve
CVE-2020-13776
2020-06-03 00:00:00
CVE-2017-1000082
2017-07-07 00:00:00
f5
f5
K04572666 : systemd vulnerability CVE-2020-13776
2020-07-02 00:00:00
broadcom
broadcom
A flaw was found in systemd, where it mishandles numerical usernames beginning with decimal digits, or "0x" followed by hexadecimal digits.(CVE-2020-13776)
2023-11-07 00:00:00
debiancve
debiancve
CVE-2020-13776
2020-06-03 03:15:10
CVE-2017-1000082
2017-07-07 17:29:00
cvelist
cvelist
CVE-2020-13776
2020-06-03 02:05:22
CVE-2017-1000082
2017-07-07 17:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package systemd version 1:243.9-alt1
2020-10-06 00:00:00
mageia
mageia
Updated systemd packages fix a security vulnerability
2021-07-01 02:58:41
fedora
fedora
[SECURITY] Fedora 32 Update: systemd-245.7-1.fc32
2020-07-30 18:57:56
cbl_mariner
cbl_mariner
CVE-2020-13776 affecting package systemd 239-44
2020-11-30 19:30:44
redhatcve
redhatcve
CVE-2020-13776
2020-06-09 13:24:53
CVE-2017-1000082
2017-07-07 04:48:35
rocky
rocky
systemd security, bug fix, and enhancement update
2021-05-18 05:39:12
almalinux
almalinux
Moderate: systemd security, bug fix, and enhancement update
2021-05-18 05:39:12
redhat
redhat
(RHSA-2021:1611) Moderate: systemd security, bug fix, and enhancement update
2021-05-18 05:39:12
(RHSA-2021:3900) Moderate: systemd security update
2021-10-19 06:25:55
(RHSA-2021:4582) Moderate: Release of components for Service Telemetry Framework 1.3.3 - Container Images
2021-11-10 07:54:39
oraclelinux
oraclelinux
systemd security, bug fix, and enhancement update
2021-05-25 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0252
2020-06-10 00:00:00
Moderate Photon OS Security Update - PHSA-2020-0252
2020-06-10 00:00:00
Important Photon OS Security Update - PHSA-2020-3.0-0103
2020-06-12 00:00:00
amazon
amazon
Important: systemd
2022-09-30 07:04:00
cve
cve
CVE-2017-1000082
2017-07-07 17:29:00
kitploit
kitploit
Master_Librarian - A Simple Tool To Audit Unix/*BSD/Linux System Libraries To Find Public Security Vulnerabilities
2022-03-09 20:30:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1982
2021-07-02 18:13:58
ibm
ibm
Security Bulletin: IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities
2021-12-03 18:52:37
Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to several CVEs
2021-10-19 15:38:04
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00

6.2 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

8.1 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.7%

JSON
Related for CVE-2020-13776
osv3openvas8nessus20prion2veracode1nvd2ubuntucve2f51broadcom1debiancve2cvelist2altlinux1mageia1fedora1cbl_mariner1redhatcve2rocky1almalinux1redhat12oraclelinux1photon6amazon1cve1kitploit1rosalinux1ibm2ics1