Vulnerability details: VCID-ad6a-7pdt-aaaf
Vulnerability ID VCID-ad6a-7pdt-aaaf
Aliases CVE-2020-15586
Summary Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
System Score Found at
cvssv3.1 7.5 http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html
generic_textual HIGH http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html
cvssv3.1 7.5 http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html
generic_textual HIGH http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html
rhas Moderate https://access.redhat.com/errata/RHSA-2020:3665
rhas Low https://access.redhat.com/errata/RHSA-2020:4201
rhas Moderate https://access.redhat.com/errata/RHSA-2020:4214
rhas Moderate https://access.redhat.com/errata/RHSA-2020:4297
rhas Moderate https://access.redhat.com/errata/RHSA-2020:5118
rhas Moderate https://access.redhat.com/errata/RHSA-2020:5119
rhas Moderate https://access.redhat.com/errata/RHSA-2020:5605
rhas Moderate https://access.redhat.com/errata/RHSA-2020:5606
rhas Low https://access.redhat.com/errata/RHSA-2020:5649
rhas Moderate https://access.redhat.com/errata/RHSA-2021:0072
rhas Moderate https://access.redhat.com/errata/RHSA-2021:0172
rhas Low https://access.redhat.com/errata/RHSA-2021:0713
rhas Moderate https://access.redhat.com/errata/RHSA-2021:0799
rhas Low https://access.redhat.com/errata/RHSA-2021:0956
rhas Low https://access.redhat.com/errata/RHSA-2021:1016
rhas Moderate https://access.redhat.com/errata/RHSA-2021:1366
rhas Important https://access.redhat.com/errata/RHSA-2021:1515
rhas Important https://access.redhat.com/errata/RHSA-2021:2122
rhas Moderate https://access.redhat.com/errata/RHSA-2021:4103
cvssv3 5.9 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15586.json
epss 0.00237 https://api.first.org/data/v1/epss?cve=CVE-2020-15586
epss 0.00376 https://api.first.org/data/v1/epss?cve=CVE-2020-15586
epss 0.00465 https://api.first.org/data/v1/epss?cve=CVE-2020-15586
epss 0.00536 https://api.first.org/data/v1/epss?cve=CVE-2020-15586
epss 0.00614 https://api.first.org/data/v1/epss?cve=CVE-2020-15586
epss 0.01079 https://api.first.org/data/v1/epss?cve=CVE-2020-15586
epss 0.01086 https://api.first.org/data/v1/epss?cve=CVE-2020-15586
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7919
cvssv3.1 7.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 7.5 https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html
generic_textual HIGH https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html
cvssv3.1 7.5 https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html
generic_textual HIGH https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2020-15586
cvssv3 5.9 https://nvd.nist.gov/vuln/detail/CVE-2020-15586
cvssv3.1 5.9 https://nvd.nist.gov/vuln/detail/CVE-2020-15586
cvssv3.1 7.5 https://www.debian.org/security/2021/dsa-4848
generic_textual HIGH https://www.debian.org/security/2021/dsa-4848
cvssv3.1 7.5 https://www.oracle.com/security-alerts/cpuApr2021.html
generic_textual HIGH https://www.oracle.com/security-alerts/cpuApr2021.html
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00077.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00082.html
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15586.json
https://api.first.org/data/v1/epss?cve=CVE-2020-15586
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15586
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16845
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7919
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3114
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://groups.google.com/forum/#!topic/golang-announce/f2c5bqrGH_g
https://groups.google.com/forum/#!topic/golang-announce/XZNfaiwgt2w
https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html
https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCR6LAKCVKL55KJQPPBBWVQGOP7RL2RW/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WIRVUHD7TJIT7JJ33FKHIVTHPYABYPHR/
https://security.netapp.com/advisory/ntap-20200731-0005/
https://www.cloudfoundry.org/blog/cve-2020-15586/
https://www.debian.org/security/2021/dsa-4848
https://www.oracle.com/security-alerts/cpuApr2021.html
cpe:2.3:a:cloudfoundry:cf-deployment:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cloudfoundry:cf-deployment:*:*:*:*:*:*:*:*
cpe:2.3:a:cloudfoundry:routing-release:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cloudfoundry:routing-release:*:*:*:*:*:*:*:*
cpe:2.3:a:golang:go:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
CVE-2020-15586 https://nvd.nist.gov/vuln/detail/CVE-2020-15586
RHBA-2020:5356 https://bugzilla.redhat.com/show_bug.cgi?id=1856953
RHSA-2020:3665 https://access.redhat.com/errata/RHSA-2020:3665
RHSA-2020:4201 https://access.redhat.com/errata/RHSA-2020:4201
RHSA-2020:4214 https://access.redhat.com/errata/RHSA-2020:4214
RHSA-2020:4297 https://access.redhat.com/errata/RHSA-2020:4297
RHSA-2020:5118 https://access.redhat.com/errata/RHSA-2020:5118
RHSA-2020:5119 https://access.redhat.com/errata/RHSA-2020:5119
RHSA-2020:5605 https://access.redhat.com/errata/RHSA-2020:5605
RHSA-2020:5606 https://access.redhat.com/errata/RHSA-2020:5606
RHSA-2020:5649 https://access.redhat.com/errata/RHSA-2020:5649
RHSA-2021:0072 https://access.redhat.com/errata/RHSA-2021:0072
RHSA-2021:0172 https://access.redhat.com/errata/RHSA-2021:0172
RHSA-2021:0713 https://access.redhat.com/errata/RHSA-2021:0713
RHSA-2021:0799 https://access.redhat.com/errata/RHSA-2021:0799
RHSA-2021:0956 https://access.redhat.com/errata/RHSA-2021:0956
RHSA-2021:1016 https://access.redhat.com/errata/RHSA-2021:1016
RHSA-2021:1366 https://access.redhat.com/errata/RHSA-2021:1366
RHSA-2021:1515 https://access.redhat.com/errata/RHSA-2021:1515
RHSA-2021:2122 https://access.redhat.com/errata/RHSA-2021:2122
RHSA-2021:4103 https://access.redhat.com/errata/RHSA-2021:4103
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15586.json
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2020-15586
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2020-15586
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.debian.org/security/2021/dsa-4848
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://www.oracle.com/security-alerts/cpuApr2021.html
Exploit Prediction Scoring System (EPSS)
Percentile 0.43997
EPSS Score 0.00237
Published At March 28, 2025, 12:55 p.m.