CVE Vulnerabilities

CVE-2020-10936

Improper Privilege Management

Published: May 27, 2020 | Modified: Dec 24, 2020
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Sympa before 6.2.56 allows privilege escalation.

Weakness

The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Affected Software

Name Vendor Start Version End Version
Sympa Sympa * *
Sympa Ubuntu bionic *
Sympa Ubuntu eoan *
Sympa Ubuntu focal *
Sympa Ubuntu groovy *
Sympa Ubuntu hirsute *
Sympa Ubuntu trusty *
Sympa Ubuntu trusty/esm *
Sympa Ubuntu upstream *
Sympa Ubuntu xenial *

Potential Mitigations

References