Home > Vulnerability Database > CVE-2020-10747

Mend.io Vulnerability Database

CVE-2020-10747

Date: June 17, 2020

A vulnerability was found in FreeIPA. An account created with a name corresponding to an account local to a system, such as 'root', could access any enrolled machine with that account, with local system privileges. This also bypasses the absence of explicit HBAC rules. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Severity Score

6.8

Related Resources (3)

Url: https://nvd.nist.gov/vuln/detail/CVE-2020-10747

Url: https://access.redhat.com/security/cve/CVE-2020-10747

Url: https://www.mend.io/vulnerability-database/CVE-2020-10747

Severity Score

6.8

CVSS v3.1

Base Score:	6.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	HIGH
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2020-10747

Date: June 17, 2020

Severity Score

Related Resources (3)

Severity Score

CVSS v3.1

Do you need more information?