How severe is CVE-2020-1981?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2020-1981?

This is classified as CWE-377, which is a common weakness in software security.

CVE-2020-1981 - HIGH Severity | CVSS 7.8

Vulnerability Description

A predictable temporary filename vulnerability in PAN-OS allows local privilege escalation. This issue allows a local attacker who bypassed the restricted shell to execute commands as a low privileged user and gain root access on the PAN-OS hardware or virtual appliance. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions.

Related Vulnerabilities

CVE-2018-3710

HIGH

CVSS:7.8(High)

Gitlab Community and Enterprise Editions version 10.3.3 is vulnerable to an Insecure Temporary File in the project import component resulting remote code execution.

CWE-3772018

CVE-2022-34387

HIGH

CVSS:7.8(High)

Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain a privilege escalation vulnerability. A local authenticated malicious us...

CWE-3772022

CVE-2022-4817

HIGH

CVSS:7.8(High)

A vulnerability was found in centic9 jgit-cookbook. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to insecure temporary file. The attack can be i...

CWE-3772022

CVE-2023-49342

HIGH

CVSS:7.8(High)

Temporary data passed between application components by Budgie Extras Clockworks applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who ...

CWE-3772023

CVE-2023-49344

HIGH

CVSS:7.8(High)

Temporary data passed between application components by Budgie Extras Window Shuffler applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user...

CWE-3772023

CVE-2023-49345

HIGH

CVSS:7.8(High)

Temporary data passed between application components by Budgie Extras Takeabreak applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who ...

CWE-3772023