Vulnerability CVE-2020-10936: Information

Description

Sympa before 6.2.56 allows privilege escalation.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2020-10936
Published: May 27, 2020
Modified: Nov. 7, 2023
Error type identifier: CWE-269

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://sysdream.com/news/lab/
  • Third Party Advisory
https://github.com/sympa-community/sympa/releases
  • Release Notes
  • Third Party Advisory
https://sysdream.com/news/lab/2020-05-25-cve-2020-10936-sympa-privileges-escalation-to-root/
  • Exploit
  • Third Party Advisory
USN-4442-1
  • Third Party Advisory
[debian-lts-announce] 20201007 [SECURITY] [DLA 2401-1] sympa security update
  • Mailing List
  • Third Party Advisory
DSA-4818
  • Third Party Advisory
FEDORA-2020-9b6c969aac
    FEDORA-2020-d767d9077b

        1. Configuration 1

          cpe:2.3:a:sympa:sympa:*:*:*:*:*:*:*:*
          End excliding
          6.2.56

          Configuration 2

          cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
          cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*

          Configuration 3

          cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
          cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

          Configuration 4

          cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
      VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
      Version: v24.5.1
      Back to top