Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveAppleCVE-2020-3898
HistoryOct 22, 2020 - 6:15 p.m.

CVE-2020-3898

2020-10-2218:15:12
CWE-787
CWE-20
apple
web.nvd.nist.gov
304
macos
catalina
memory corruption
privilege escalation
cve-2020-3898

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

0

Percentile

12.6%

JSON

A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. An application may be able to gain elevated privileges.

Affected configurations

Nvd
Vulners
Node
applemac_os_xRange<10.15.4
VendorProductVersionCPE
applemac_os_x*cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "macOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "macOS Catalina 10.15.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Related

redhatcve 1
nessus 26
almalinux 1
veracode 1
suse 1
cvelist 1
ubuntucve 1
oraclelinux 1
openvas 18
alpinelinux 1
osv 4
redhat 3
fedora 3
rocky 1
prion 1
debiancve 1
nvd 1
debian 1
ubuntu 1
freebsd 1
mageia 1
apple 2
androidsecurity 1
ibm 1
redhatcve
redhatcve
CVE-2020-3898
2020-04-21 13:04:19
nessus
nessus
SUSE SLED15 / SLES15 Security Update : cups (SUSE-SU-2020:1083-1)
2020-04-24 00:00:00
CentOS 8 : cups (CESA-2020:4469)
2021-02-01 00:00:00
SUSE SLES11 Security Update : cups (SUSE-SU-2020:14341-1)
2021-06-10 00:00:00
almalinux
almalinux
Low: cups security and bug fix update
2020-11-03 12:07:34
veracode
veracode
Denial Of Service (DoS)
2020-11-05 03:19:14
suse
suse
Security update for cups (important)
2020-04-26 00:00:00
cvelist
cvelist
CVE-2020-3898
2020-10-22 17:48:29
ubuntucve
ubuntucve
CVE-2020-3898
2020-04-21 00:00:00
oraclelinux
oraclelinux
cups security and bug fix update
2020-11-10 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2020-2464)
2020-11-05 00:00:00
Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2020-2241)
2020-10-30 00:00:00
Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2020-2306)
2020-11-02 00:00:00
alpinelinux
alpinelinux
CVE-2020-3898
2020-10-22 18:15:12
osv
osv
Low: cups security and bug fix update
2020-11-03 12:07:34
CVE-2020-3898
2020-10-22 18:15:12
cups - security update
2020-06-07 00:00:00
redhat
redhat
(RHSA-2020:4469) Low: cups security and bug fix update
2020-11-03 12:07:34
(RHSA-2020:5635) Moderate: OpenShift Container Platform 4.7.0 extras and security update
2021-02-24 14:47:52
(RHSA-2020:5633) Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update
2021-02-24 14:49:26
fedora
fedora
[SECURITY] Fedora 32 Update: cups-2.3.1-9.fc32
2020-04-28 02:33:57
[SECURITY] Fedora 31 Update: cups-2.2.12-8.fc31
2020-04-30 03:44:09
[SECURITY] Fedora 30 Update: cups-2.2.12-8.fc30
2020-05-05 03:13:47
rocky
rocky
cups security and bug fix update
2020-11-03 12:07:34
prion
prion
Memory corruption
2020-10-22 18:15:00
debiancve
debiancve
CVE-2020-3898
2020-10-22 18:15:12
nvd
nvd
CVE-2020-3898
2020-10-22 18:15:12
debian
debian
[SECURITY] [DLA 2237-1] cups security update
2020-06-07 16:27:26
ubuntu
ubuntu
CUPS vulnerabilities
2020-04-27 00:00:00
freebsd
freebsd
CUPS -- memory corruption
2020-04-28 00:00:00
mageia
mageia
Updated cups packages fix security vulnerability
2020-06-11 01:26:12
apple
apple
About the security content of macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra - Apple Support
2020-12-15 06:13:57
About the security content of macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra
2020-03-24 00:00:00
androidsecurity
androidsecurity
Android 11 Security Release Notes
2020-08-25 00:00:00
ibm
ibm
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-05-09 12:31:16

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

0

Percentile

12.6%

JSON
Related for CVE-2020-3898
redhatcve1nessus26almalinux1veracode1suse1cvelist1ubuntucve1oraclelinux1openvas18alpinelinux1osv4redhat3fedora3rocky1prion1debiancve1nvd1debian1ubuntu1freebsd1mageia1apple2androidsecurity1ibm1