CVE-2020-4008

LOW Year: 2020
CVSS v3 Score
3.6
Low
CVSS v2 Score
3.3
Low
Weakness Type
NVD-CWE-Other
View all →

Vulnerability Description

The installer of the macOS Sensor for VMware Carbon Black Cloud (prior to 3.5.1) handles certain files in an insecure way. A malicious actor who has local access to the endpoint on which a macOS sensor is going to be installed, may overwrite a limited number of files with output from the sensor installation.

Related Vulnerabilities

CVE-2019-2961

LOW
CVSS:3.6(Low)

Vulnerability in the Oracle Solaris product of Oracle Systems (component: SMF services & legacy daemons). The supported version that is affected is 11. Difficult to exploit vulnerability allows low pr...

NVD-CWE-Other2019

CVE-2023-21999

LOW
CVSS:3.6(Low)

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Difficult to exploit vulnerab...

NVD-CWE-Other2023

CVE-2023-23543

LOW
CVSS:3.6(Low)

The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4....

NVD-CWE-Other2023

CVE-2024-2918

LOW
CVSS:3.6(Low)

Improper input validation in PAM JIT elevation feature in Devolutions Server 2024.1.6 and earlier allows an attacker with access to the PAM JIT elevation feature to forge the displayed group in the PA...

NVD-CWE-Other2024

CVE-2005-4780

LOW
CVSS:3.7(Low)

Cross-site scripting (XSS) vulnerability in Fidra Lighthouse CMS 1.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in a query_string to the home...

NVD-CWE-Other2005

CVE-2016-0671

LOW
CVSS:3.7(Low)

Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 12.1.2.0 allows remote attackers to affect confidentiality via vectors related to OSSL Module.

NVD-CWE-Other2016