Home

CVE-2020-3898

Description

A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. An application may be able to gain elevated privileges.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.162

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities are fixed in MacOS Catalina 10.15.4Mac
Multiple vulnerabilities are fixed in MacOS Catalina 10.15.4 Combo UpdateMac
Multiple vulnerabilities are fixed in MacOS Catalina 10.15.4 (Deployment-Only)Mac
Multiple vulnerabilities are fixed in MacOS Catalina 10.15.4 Combo Update (Deployment-Only)Mac
SUSE-SU-2020:1045-1(SUSE Linux Enterprise Server 12-SP4 ) cups-1.7.5-20.29.1.x86_64.rpmLinux
SUSE-SU-2020:1045-1(SUSE Linux Enterprise Server 12-SP5 ) cups-1.7.5-20.29.1.x86_64_SP5.rpmLinux
SUSE-SU-2020:1045-1(SUSE Linux Enterprise Server 12-SP4 ) cups-client-1.7.5-20.29.1.x86_64.rpmLinux
SUSE-SU-2020:1045-1(SUSE Linux Enterprise Server 12-SP5 ) cups-client-1.7.5-20.29.1.x86_64_SP5.rpmLinux
SUSE-SU-2020:1045-1(SUSE Linux Enterprise Server 12-SP4 ) cups-client-debuginfo-1.7.5-20.29.1.x86_64.rpmLinux
SUSE-SU-2020:1045-1(SUSE Linux Enterprise Server 12-SP5 ) cups-client-debuginfo-1.7.5-20.29.1.x86_64_SP5.rpmLinux
SUSE-SU-2020:1045-1(SUSE Linux Enterprise Server 12-SP4 ) cups-debuginfo-1.7.5-20.29.1.x86_64.rpmLinux
SUSE-SU-2020:1045-1(SUSE Linux Enterprise Server 12-SP5 ) cups-debuginfo-1.7.5-20.29.1.x86_64_SP5.rpmLinux
SUSE-SU-2020:1045-1(SUSE Linux Enterprise Server 12-SP4 ) cups-debugsource-1.7.5-20.29.1.x86_64.rpmLinux
SUSE-SU-2020:1045-1(SUSE Linux Enterprise Server 12-SP5 ) cups-debugsource-1.7.5-20.29.1.x86_64_SP5.rpmLinux
SUSE-SU-2020:1045-1(SUSE Linux Enterprise Server 12-SP4 ) cups-libs-1.7.5-20.29.1.x86_64.rpmLinux
SUSE-SU-2020:1045-1(SUSE Linux Enterprise Server 12-SP5 ) cups-libs-1.7.5-20.29.1.x86_64_SP5.rpmLinux
SUSE-SU-2020:1045-1(SUSE Linux Enterprise Server 12-SP4 ) cups-libs-32bit-1.7.5-20.29.1.x86_64.rpmLinux
SUSE-SU-2020:1045-1(SUSE Linux Enterprise Server 12-SP5 ) cups-libs-32bit-1.7.5-20.29.1.x86_64_SP5.rpmLinux
SUSE-SU-2020:1045-1(SUSE Linux Enterprise Server 12-SP4 ) cups-libs-debuginfo-1.7.5-20.29.1.x86_64.rpmLinux
SUSE-SU-2020:1045-1(SUSE Linux Enterprise Server 12-SP5 ) cups-libs-debuginfo-1.7.5-20.29.1.x86_64_SP5.rpmLinux
SUSE-SU-2020:1045-1(SUSE Linux Enterprise Server 12-SP4 ) cups-libs-debuginfo-32bit-1.7.5-20.29.1.x86_64.rpmLinux
SUSE-SU-2020:1045-1(SUSE Linux Enterprise Server 12-SP5 ) cups-libs-debuginfo-32bit-1.7.5-20.29.1.x86_64_SP5.rpmLinux
Common UNIX Printing System(tm) (USN-4340-1) cups_2.2.7-1ubuntu2.8_i386.debLinux
Common UNIX Printing System(tm) (USN-4340-1) cups_2.2.7-1ubuntu2.8_amd64.debLinux
Common UNIX Printing System(tm) (USN-4340-1) cups_2.3.1-9ubuntu1.1_amd64.debLinux
Common UNIX Printing System(tm) (USN-4340-1) cups_2.1.3-4ubuntu0.11_i386.debLinux
Common UNIX Printing System(tm) (USN-4340-1) cups_2.1.3-4ubuntu0.11_amd64.debLinux
Common UNIX Printing System(tm) (USN-4340-1) cups_2.2.12-2ubuntu1.1_i386.debLinux
Common UNIX Printing System(tm) (USN-4340-1) cups_2.2.12-2ubuntu1.1_amd64.debLinux
(RHSA-2020:4469) cups security and bug fix update cups-2.2.6-38.el8.x86_64.rpmLinux
(RHSA-2020:4469) cups security and bug fix update cups-client-2.2.6-38.el8.x86_64.rpmLinux
(RHSA-2020:4469) cups security and bug fix update cups-debugsource-2.2.6-38.el8.i686.rpmLinux
(RHSA-2020:4469) cups security and bug fix update cups-debugsource-2.2.6-38.el8.x86_64.rpmLinux
(RHSA-2020:4469) cups security and bug fix update cups-devel-2.2.6-38.el8.i686.rpmLinux
(RHSA-2020:4469) cups security and bug fix update cups-devel-2.2.6-38.el8.x86_64.rpmLinux
(RHSA-2020:4469) cups security and bug fix update cups-filesystem-2.2.6-38.el8.noarch.rpmLinux
(RHSA-2020:4469) cups security and bug fix update cups-ipptool-2.2.6-38.el8.x86_64.rpmLinux
(RHSA-2020:4469) cups security and bug fix update cups-libs-2.2.6-38.el8.i686.rpmLinux
(RHSA-2020:4469) cups security and bug fix update cups-libs-2.2.6-38.el8.x86_64.rpmLinux
(RHSA-2020:4469) cups security and bug fix update cups-lpd-2.2.6-38.el8.x86_64.rpmLinux
Improper Input Validation Vulnerability (CVE-2020-3898)NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-602673MacOS Catalina 10.15.7 - Auto Reboot
PATCH-602674macOS Catalina 10.15.7 Combo Update - Auto Reboot
PATCH-602735MacOS Catalina 10.15.4 (Deployment-Only)
PATCH-602737MacOS Catalina 10.15.4 Combo Update (Deployment-Only)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234