CVE-2020-25697

EUVD-2020-18358
A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an attacker to take control of an X application by impersonating the server it is expecting to connect to.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7 HIGH
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
Affected Products (NVD)
VendorProductVersion
x.orgx_server
-
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libx11
bionic
ignored
focal
ignored
groovy
ignored
hirsute
ignored
impish
ignored
jammy
ignored
trusty
ignored
xenial
ignored
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2020/11/09/3
http://www.openwall.com/lists/oss-security/2020/11/09/3
https://bugzilla.redhat.com/show_bug.cgi?id=1895295
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
https://seclists.org/oss-sec/2020/q4/105
http://www.openwall.com/lists/oss-security/2020/11/09/3
http://www.openwall.com/lists/oss-security/2020/11/09/3
https://bugzilla.redhat.com/show_bug.cgi?id=1895295
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
https://seclists.org/oss-sec/2020/q4/105