Vulnerability details: VCID-taaz-xar7-aaab
Vulnerability ID VCID-taaz-xar7-aaab
Aliases CVE-2020-10744
GHSA-vp9j-rghq-8jhh
PYSEC-2020-208
Summary The fix for CVE-2020-1733 (ansible: insecure temporary directory when running become_user from become directive) was found to be incomplete. The provided fix is insufficient to prevent the race condition on systems using ACLs and FUSE filesystems. Ansible Engine 2.7.18, 2.8.12, and 2.9.9 and earlier versions are affected, as are Ansible Tower 3.4.5, 3.5.6, and 3.6.4 and earlier versions.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
System Score Found at
cvssv3 5.0 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10744.json
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-10744
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2020-10744
epss 0.0004 https://api.first.org/data/v1/epss?cve=CVE-2020-10744
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2020-10744
epss 0.00058 https://api.first.org/data/v1/epss?cve=CVE-2020-10744
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1835566
cvssv3.1 5.0 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10744
generic_textual LOW https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10744
generic_textual MODERATE https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10744
cvssv3.1 5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 5.0 https://github.com/advisories/GHSA-vp9j-rghq-8jhh
cvssv3.1_qr LOW https://github.com/advisories/GHSA-vp9j-rghq-8jhh
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-vp9j-rghq-8jhh
generic_textual LOW https://github.com/advisories/GHSA-vp9j-rghq-8jhh
cvssv3.1 5.0 https://github.com/ansible/ansible
generic_textual LOW https://github.com/ansible/ansible
generic_textual MODERATE https://github.com/ansible/ansible
cvssv3.1 5.0 https://github.com/ansible/ansible/commit/77d0effcc5b2da1ef23e4ba32986a9759c27c10d
generic_textual LOW https://github.com/ansible/ansible/commit/77d0effcc5b2da1ef23e4ba32986a9759c27c10d
generic_textual MODERATE https://github.com/ansible/ansible/commit/77d0effcc5b2da1ef23e4ba32986a9759c27c10d
cvssv3.1 5.0 https://github.com/ansible/ansible/commit/84afa8e90cd168ff13208c8eae3e533ce7e21e1f
generic_textual LOW https://github.com/ansible/ansible/commit/84afa8e90cd168ff13208c8eae3e533ce7e21e1f
generic_textual MODERATE https://github.com/ansible/ansible/commit/84afa8e90cd168ff13208c8eae3e533ce7e21e1f
cvssv3.1 5.0 https://github.com/ansible/ansible/commit/ffd3757fc35468a97791e452e7f2d14c3e3fcb80
generic_textual LOW https://github.com/ansible/ansible/commit/ffd3757fc35468a97791e452e7f2d14c3e3fcb80
generic_textual MODERATE https://github.com/ansible/ansible/commit/ffd3757fc35468a97791e452e7f2d14c3e3fcb80
cvssv3.1 5.0 https://github.com/ansible/ansible/issues/69782
generic_textual LOW https://github.com/ansible/ansible/issues/69782
generic_textual MODERATE https://github.com/ansible/ansible/issues/69782
cvssv3.1 5.0 https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-208.yaml
generic_textual LOW https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-208.yaml
generic_textual MODERATE https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-208.yaml
cvssv2 3.7 https://nvd.nist.gov/vuln/detail/CVE-2020-10744
cvssv3 5.0 https://nvd.nist.gov/vuln/detail/CVE-2020-10744
cvssv3.1 5.0 https://nvd.nist.gov/vuln/detail/CVE-2020-10744
generic_textual LOW https://nvd.nist.gov/vuln/detail/CVE-2020-10744
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10744.json
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10744
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://github.com/advisories/GHSA-vp9j-rghq-8jhh
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://github.com/ansible/ansible
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Found at https://github.com/ansible/ansible
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://github.com/ansible/ansible/commit/77d0effcc5b2da1ef23e4ba32986a9759c27c10d
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://github.com/ansible/ansible/commit/84afa8e90cd168ff13208c8eae3e533ce7e21e1f
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://github.com/ansible/ansible/commit/ffd3757fc35468a97791e452e7f2d14c3e3fcb80
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://github.com/ansible/ansible/issues/69782
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-208.yaml
Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2020-10744
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2020-10744
Exploit Prediction Scoring System (EPSS)
Percentile 0.06955
EPSS Score 0.00036
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.