How severe is CVE-2020-2016?

This vulnerability has a severity rating of HIGH with a CVSS score of 7 out of 10.

What type of vulnerability is CVE-2020-2016?

This is classified as CWE-377, which is a common weakness in software security.

CVE-2020-2016

HIGH Year: 2020

CVSS v3 Score

7.0

High

CVSS v2 Score

8.5

High

Weakness Type

CWE-377

View all →

Vulnerability Description

A race condition due to insecure creation of a file in a temporary directory vulnerability in PAN-OS allows for root privilege escalation from a limited linux user account. This allows an attacker who has escaped the restricted shell as a low privilege administrator, possibly by exploiting another vulnerability, to escalate privileges to become root user. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; All versions of PAN-OS 8.0.

CVE-2018-1053

HIGH

CVSS:7.0(High)

In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates file in current working directory containing the output of `pg_...

CWE-3772018

CVE-2020-8032

HIGH

CVSS:7.0(High)

A Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows local attackers to escalate to root. This issue affects: openSUSE Factory cyrus-sasl version 2.1.27-4....

CWE-3772020

CVE-2020-1991

HIGH

CVSS:7.1(High)

An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks T...

CWE-3772020

CVE-2020-25636

HIGH

CVSS:7.1(High)

A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have...

CWE-3772020

CVE-2022-3952

HIGH

CVSS:7.1(High)

A vulnerability has been found in ManyDesigns Portofino 5.3.2 and classified as problematic. Affected by this vulnerability is the function createTempDir of the file WarFileLauncher.java. The manipula...

CWE-3772022

CVE-2021-20202

HIGH

CVSS:7.3(High)

A flaw was found in keycloak. Directories can be created prior to the Java process creating them in the temporary directory, but with wider user permissions, allowing the attacker to have access to th...

CWE-3772021

CVE-2020-2016

Vulnerability Description

Related Vulnerabilities

CVE-2018-1053

CVE-2020-8032

CVE-2020-1991

CVE-2020-25636

CVE-2022-3952

CVE-2021-20202