CVE Vulnerabilities

CVE-2020-0902

Improper Privilege Management

Published: Mar 12, 2020 | Modified: Jul 21, 2021
CVSS 3.x
9.8
CRITICAL
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

An elevation of privilege vulnerability exists in Service Fabric File Store Service under certain conditions, aka ‘Service Fabric Elevation of Privilege’.

Weakness

The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Affected Software

Name Vendor Start Version End Version
Service_fabric Microsoft - -

Potential Mitigations

References