How severe is CVE-2020-17533?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.1 out of 10.

What type of vulnerability is CVE-2020-17533?

This is classified as CWE-252, which is a common weakness in software security.

CVE-2020-17533 - HIGH Severity | CVSS 8.1

Vulnerability Description

Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and 'canPerformSystemActions' security functions are not checked in some instances, therefore allowing an authenticated user with insufficient permissions to perform the following actions: flushing a table, shutting down Accumulo or an individual tablet server, and setting or removing system-wide Accumulo configuration properties.

Related Vulnerabilities

CVE-2024-45419

HIGH

CVSS:8.1(High)

Improper input validation in some Zoom Apps may allow an unauthenticated user to conduct a disclosure of information via network access.

CWE-2522024

CVE-2017-0720

HIGH

CVSS:7.8(High)

A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37430213.

CWE-2522017

CVE-2017-6964

HIGH

CVSS:7.8(High)

dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the (1) setuid or (2) setgid function, which might cause dmcrypt-get-device to execute code...

CWE-2522017

CVE-2023-40303

HIGH

CVSS:7.8(High)

GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if th...

CWE-2522023

CVE-2023-47480

HIGH

CVSS:8.4(High)

An issue in Pure Data 0.54-0 and fixed in 0.54-1 allows a local attacker to escalate privileges via the set*id () function.

CWE-2522023

CVE-2023-41092

HIGH

CVSS:7.6(High)

Unchecked return value in SDM firmware for Intel(R) Stratix 10 and Intel(R) Agilex 7 FPGAs before version 23.3 may allow an authenticated user to potentially enable denial of service via adjacent acce...

CWE-2522023