How severe is CVE-2023-20518?

This vulnerability has a severity rating of LOW with a CVSS score of 1.9 out of 10.

What type of vulnerability is CVE-2023-20518?

This is classified as CWE-459, which is a common weakness in software security.

CVE-2023-20518

LOW Year: 2023

CVSS v3 Score

1.9

Low

Weakness Type

CWE-459

View all →

Vulnerability Description

Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.

CVE-2019-8548

LOW

CVSS:2.4(Low)

An issue existed where partially entered passcodes may not clear when the device went to sleep. This issue was addressed by clearing the passcode when a locked device sleeps. This issue is fixed in wa...

CWE-4592019

CVE-2019-8732

LOW

CVSS:2.4(Low)

The issue was addressed with improved data deletion. This issue is fixed in iOS 13. Deleted calls remained visible on the device.

CWE-4592019

CVE-2023-2400

LOW

CVSS:2.7(Low)

Improper deletion of resource in the user management feature in Devolutions Server 2023.1.8 and earlier allows an administrator to view users vaults of deleted users via database access.

CWE-4592023

CVE-2024-1048

LOW

CVSS:3.3(Low)

A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original...

CWE-4592024

CVE-2022-2307

LOW

CVSS:3.8(Low)

A lack of cascading deletes in GitLab CE/EE affecting all versions starting from 13.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1 allows...

CWE-4592022

CVE-2005-1744

CRITICAL

CVSS:9.8(Critical)

BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when an application is redeployed, which allows those users to continue to access the application without hav...

CWE-4592005