First published: Wed Jun 03 2020
systemd could allow a local authenticated attacker to gain elevated privileges on the system, caused by the mishandling of numerical usernames. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain elevated privileges as root.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Cloud Pak for Security (CP4S) | <=1.7.2.0 | |
IBM Cloud Pak for Security (CP4S) | <=1.7.1.0 | |
IBM Cloud Pak for Security (CP4S) | <=1.7.0.0 | |
Systemd Project Systemd | <=245 | |
Netapp Active Iq Unified Manager Vmware Vsphere | | |
Netapp Solidfire & Hci Management Node | | |
Fedoraproject Fedora | =32 | |
CVE-2020-13776 is a vulnerability in systemd that allows a local authenticated attacker to gain elevated privileges on the system.
CVE-2020-13776 affects systemd versions up to 245, Apple iPadOS, Netapp Solidfire & Hci Management Node, Fedoraproject Fedora (version 32), and IBM Cloud Pak for Security (CP4S) versions up to 1.7.2.0.
The severity of CVE-2020-13776 is rated as medium with a score of 6.7.
The CWE category of CVE-2020-13776 is CWE-269.
To fix CVE-2020-13776, update systemd to version 245 or newer, or apply the necessary patches provided by the affected software vendors.