CVE-2020-28948

high

Details

Source: MITRE

Published: 2020-11-19

Updated: 2021-09-25

Type: CWE-502

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Tenable Plugins

View all (16 total)

IDNameProductFamilySeverity
145766EulerOS 2.0 SP8 : php-pear (EulerOS-SA-2021-1164)NessusHuawei Local Security Checks
high
145432GLSA-202101-23 : PEAR Archive_Tar: Directory traversalNessusGentoo Local Security Checks
high
145000Amazon Linux AMI : php7-pear (ALAS-2021-1466)NessusAmazon Linux Local Security Checks
high
144803Amazon Linux 2 : php-pear (ALAS-2021-1584)NessusAmazon Linux Local Security Checks
high
144483Debian DSA-4817-1 : php-pear - security updateNessusDebian Local Security Checks
high
144247Fedora 32 : drupal8 (2020-d50d74d6f2)NessusFedora Local Security Checks
high
144225Fedora 33 : drupal8 (2020-6f1079934c)NessusFedora Local Security Checks
high
143438Fedora 33 : 1:php-pear (2020-f351eb14e3)NessusFedora Local Security Checks
high
143436Fedora 32 : 1:php-pear (2020-5271a896ff)NessusFedora Local Security Checks
high
143428Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 : PEAR vulnerabilities (USN-4654-1)NessusUbuntu Local Security Checks
high
143336Debian DLA-2466-1 : drupal7 security updateNessusDebian Local Security Checks
high
112665Drupal 7.x < 7.75 Remote Code ExecutionWeb Application ScanningComponent Vulnerability
high
112664Drupal 8.8.x < 8.8.12 Remote Code ExecutionWeb Application ScanningComponent Vulnerability
high
112663Drupal 8.9.x < 8.9.10 Remote Code ExecutionWeb Application ScanningComponent Vulnerability
high
112662Drupal 9.0.x < 9.0.9 Remote Code ExecutionWeb Application ScanningComponent Vulnerability
high
143274Drupal 7.x < 7.75 / 8.x < 8.8.12 / 8.9.x < 8.9.10 / 9.0.x < 9.0.9 Multiple Vulnerabilities (SA-CORE-2020-013)NessusCGI abuses
high