CyberSec.Space Logo
Back to CVE Browser

CVE-2020-5499

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1710%
EPSS Percentile2.49th
PublishedJan 4, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

Baidu Rust SGX SDK through 1.0.8 has an enclave ID race. There are non-deterministic results in which, sometimes, two global IDs are the same.

Affected Platforms (CPE)

📦
Apache

Rust Sgx Sdk

<= 1.0.8

References & Advisories

🔗 https://github.com/wssgcsc58/CVEs/tree/master/baidurustsgxsdk_enclaveid_race
🔗 https://github.com/wssgcsc58/CVEs/tree/master/baidurustsgxsdk_enclaveid_race

Related Vulnerabilities

CVE-2021-241174.9

In Apache Teaclave Rust SGX SDK 1.1.3, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator...

CVE-2020-696610.0

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ver...

CVE-2020-696110.0

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ve...

CVE-2020-696210.0

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ve...