Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2020-13776
HistoryJun 09, 2020 - 1:24 p.m.

CVE-2020-13776

2020-06-0913:24:53
redhat.com
access.redhat.com
15

0.0004 Low

EPSS

Percentile

12.8%

JSON

A flaw was found in systemd, where it mishandles numerical usernames beginning with decimal digits, or “0x” followed by hexadecimal digits. When the usernames are used by systemd, for example in service units, an unexpected user may be used instead. In some particular configurations, this flaw allows local attackers to elevate their privileges.

Mitigation

Do not use User= directive in services with numerical usernames composed by decimal digits or starting with "0x" followed by hexadecimal digits (e.g. 0x[0-9A-Fa-f]+).

Related

nessus 20
openvas 8
altlinux 1
mageia 1
fedora 1
cbl_mariner 1
rocky 1
osv 2
almalinux 1
prion 1
cve 1
veracode 1
redhat 12
oraclelinux 1
nvd 1
ubuntucve 1
f5 1
broadcom 1
photon 6
debiancve 1
cvelist 1
amazon 1
kitploit 1
rosalinux 1
ibm 2
ics 1
nessus
nessus
Photon OS 2.0: Systemd PHSA-2020-2.0-0252
2020-06-10 00:00:00
Photon OS 3.0: Systemd PHSA-2020-3.0-0103
2020-06-22 00:00:00
EulerOS Virtualization 2.9.0 : systemd (EulerOS-SA-2021-1738)
2021-04-15 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2021-1724)
2021-04-13 00:00:00
Mageia: Security Advisory (MGASA-2021-0304)
2022-01-28 00:00:00
Fedora: Security Advisory for systemd (FEDORA-2020-2faf839786)
2020-07-31 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package systemd version 1:243.9-alt1
2020-10-06 00:00:00
mageia
mageia
Updated systemd packages fix a security vulnerability
2021-07-01 02:58:41
fedora
fedora
[SECURITY] Fedora 32 Update: systemd-245.7-1.fc32
2020-07-30 18:57:56
cbl_mariner
cbl_mariner
CVE-2020-13776 affecting package systemd 239-44
2020-11-30 19:30:44
rocky
rocky
systemd security, bug fix, and enhancement update
2021-05-18 05:39:12
osv
osv
CVE-2020-13776
2020-06-03 03:15:10
Moderate: systemd security, bug fix, and enhancement update
2021-05-18 05:39:12
almalinux
almalinux
Moderate: systemd security, bug fix, and enhancement update
2021-05-18 05:39:12
prion
prion
Buffer overflow
2020-06-03 03:15:00
cve
cve
CVE-2020-13776
2020-06-03 03:15:10
veracode
veracode
Privilege Escalation
2020-06-04 05:32:51
redhat
redhat
(RHSA-2021:1611) Moderate: systemd security, bug fix, and enhancement update
2021-05-18 05:39:12
(RHSA-2021:3900) Moderate: systemd security update
2021-10-19 06:25:55
(RHSA-2021:4582) Moderate: Release of components for Service Telemetry Framework 1.3.3 - Container Images
2021-11-10 07:54:39
oraclelinux
oraclelinux
systemd security, bug fix, and enhancement update
2021-05-25 00:00:00
nvd
nvd
CVE-2020-13776
2020-06-03 03:15:10
ubuntucve
ubuntucve
CVE-2020-13776
2020-06-03 00:00:00
f5
f5
K04572666 : systemd vulnerability CVE-2020-13776
2020-07-02 00:00:00
broadcom
broadcom
A flaw was found in systemd, where it mishandles numerical usernames beginning with decimal digits, or "0x" followed by hexadecimal digits.(CVE-2020-13776)
2023-11-07 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0252
2020-06-10 00:00:00
Moderate Photon OS Security Update - PHSA-2020-0252
2020-06-10 00:00:00
Important Photon OS Security Update - PHSA-2020-0103
2020-06-12 00:00:00
debiancve
debiancve
CVE-2020-13776
2020-06-03 03:15:10
cvelist
cvelist
CVE-2020-13776
2020-06-03 02:05:22
amazon
amazon
Important: systemd
2022-09-30 07:04:00
kitploit
kitploit
Master_Librarian - A Simple Tool To Audit Unix/*BSD/Linux System Libraries To Find Public Security Vulnerabilities
2022-03-09 20:30:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1982
2021-07-02 18:13:58
ibm
ibm
Security Bulletin: IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities
2021-12-03 18:52:37
Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to several CVEs
2021-10-19 15:38:04
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00

0.0004 Low

EPSS

Percentile

12.8%

JSON
Related for RH:CVE-2020-13776
nessus20openvas8altlinux1mageia1fedora1cbl_mariner1rocky1osv2almalinux1prion1cve1veracode1redhat12oraclelinux1nvd1ubuntucve1f51broadcom1photon6debiancve1cvelist1amazon1kitploit1rosalinux1ibm2ics1