CVE-2020-15705

MEDIUM

Details

Source: MITRE

Published: 2020-07-29

Updated: 2021-05-01

Type: CWE-347

Risk Information

CVSS v2.0

Base Score: 4.4

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 3.4

Severity: MEDIUM

CVSS v3.0

Base Score: 6.4

Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 0.5

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:* versions up to 2.04 (inclusive)

Configuration 2

OR

cpe:2.3:a:redhat:enterprise_linux_atomic_host:-:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux_enterprise_server:11:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux_enterprise_server:15:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*

Tenable Plugins

View all (29 total)

IDNameProductFamilySeverity
149217GLSA-202104-05 : GRUB: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
147274NewStart CGSL CORE 5.04 / MAIN 5.04 : grub2 Multiple Vulnerabilities (NS-SA-2021-0008)NessusNewStart CGSL Local Security Checks
medium
146030CentOS 8 : grub2 (CESA-2020:3216)NessusCentOS Local Security Checks
medium
140948EulerOS Virtualization for ARM 64 3.0.6.0 : grub2 (EulerOS-SA-2020-2000)NessusHuawei Local Security Checks
medium
140075openSUSE Security Update : grub2 (openSUSE-2020-1282)NessusSuSE Local Security Checks
medium
140074openSUSE Security Update : grub2 (openSUSE-2020-1280)NessusSuSE Local Security Checks
medium
139843SUSE SLES12 Security Update : grub2 (SUSE-SU-2020:2308-1)NessusSuSE Local Security Checks
medium
139842SUSE SLED15 / SLES15 Security Update : grub2 (SUSE-SU-2020:2307-1)NessusSuSE Local Security Checks
medium
139841SUSE SLED15 / SLES15 Security Update : grub2 (SUSE-SU-2020:2306-1)NessusSuSE Local Security Checks
medium
139840SUSE SLES12 Security Update : grub2 (SUSE-SU-2020:2305-1)NessusSuSE Local Security Checks
medium
139839SUSE SLES12 Security Update : grub2 (SUSE-SU-2020:2304-1)NessusSuSE Local Security Checks
medium
139838SUSE SLES15 Security Update : grub2 (SUSE-SU-2020:2303-1)NessusSuSE Local Security Checks
medium
139365Ubuntu 16.04 LTS / 18.04 LTS / 20.04 : GRUB2 regression (USN-4432-2)NessusUbuntu Local Security Checks
medium
139294RHEL 7 : grub2 (RHSA-2020:3274)NessusRed Hat Local Security Checks
medium
139288RHEL 7 : grub2 (RHSA-2020:3271)NessusRed Hat Local Security Checks
medium
139287RHEL 7 : grub2 (RHSA-2020:3276)NessusRed Hat Local Security Checks
medium
139284RHEL 7 : grub2 (RHSA-2020:3273)NessusRed Hat Local Security Checks
medium
139283RHEL 7 : grub2 (RHSA-2020:3275)NessusRed Hat Local Security Checks
medium
139243Photon OS 2.0: Grub2 PHSA-2020-2.0-0267NessusPhotonOS Local Security Checks
medium
139242Photon OS 1.0: Grub2 PHSA-2020-1.0-0311NessusPhotonOS Local Security Checks
medium
139239Windows Security Feature Bypass in Secure Boot (BootHole)NessusWindows
medium
139236CentOS 7 : grub2 (CESA-2020:3217)NessusCentOS Local Security Checks
medium
139198RHEL 7 : grub2 (RHSA-2020:3217)NessusRed Hat Local Security Checks
medium
139194RHEL 8 : grub2 (RHSA-2020:3216)NessusRed Hat Local Security Checks
medium
139193RHEL 8 : grub2 (RHSA-2020:3223)NessusRed Hat Local Security Checks
medium
139192RHEL 8 : grub2 (RHSA-2020:3227)NessusRed Hat Local Security Checks
medium
139179Ubuntu 16.04 LTS / 18.04 LTS / 20.04 : GRUB 2 vulnerabilities (USN-4432-1)NessusUbuntu Local Security Checks
medium
139165Oracle Linux 8 : grub2 (ELSA-2020-5786)NessusOracle Linux Local Security Checks
high
139164Oracle Linux 7 : grub2 (ELSA-2020-5782)NessusOracle Linux Local Security Checks
high