CVE-2020-25697

A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an attacker to take control of an X application by impersonating the server it is expecting to connect to.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7 HIGH
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
VendorProductVersion
x.orgx_server
-
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libx11
jammy
ignored
impish
ignored
hirsute
ignored
groovy
ignored
focal
ignored
bionic
ignored
xenial
ignored
trusty
ignored
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2020/11/09/3
http://www.openwall.com/lists/oss-security/2020/11/09/3
https://bugzilla.redhat.com/show_bug.cgi?id=1895295
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
https://seclists.org/oss-sec/2020/q4/105
http://www.openwall.com/lists/oss-security/2020/11/09/3
http://www.openwall.com/lists/oss-security/2020/11/09/3
https://bugzilla.redhat.com/show_bug.cgi?id=1895295
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
https://seclists.org/oss-sec/2020/q4/105