How severe is CVE-2020-11198?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.7 out of 10.

What type of vulnerability is CVE-2020-11198?

This is classified as CWE-212, which is a common weakness in software security.

CVE-2020-11198

MEDIUM Year: 2020

CVSS v3 Score

6.7

Medium

CVSS v2 Score

7.2

High

Weakness Type

CWE-212

View all →

Vulnerability Description

Key material used for TZ diag buffer encryption and other data related to log buffer is not wiped securely due to improper usage of memset in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CVE-2021-33080

MEDIUM

CVSS:6.8(Medium)

Exposure of sensitive system information due to uncleared debug information in firmware for some Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC Products may allow an unauthent...

CWE-2122021

CVE-2017-15113

MEDIUM

CVSS:6.6(Medium)

ovirt-engine before version 4.1.7.6 with log level set to DEBUG includes passwords in the log file without masking. Only administrators can change the log level and only administrators can access the ...

CWE-2122017

CVE-2020-14301

MEDIUM

CVSS:6.5(Medium)

An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows ...

CWE-2122020

CVE-2020-26965

MEDIUM

CVSS:6.5(Medium)

Some websites have a feature "Show Password" where clicking a button will change a password field into a textbook field, revealing the typed password. If, when using a software keyboard that remembers...

CWE-2122020