CVE-2020-11720

Sažetak

An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. During the installation, it sets up administrative access by default with the account admin and password 0000. After the installation, users/admins are not prompted to change this password.

Reference

http://packetstormsecurity.com/files/160623/Programi-Bilanc-Build-007-Release-014-31.01.2020-Weak-Default-Password.html
http://seclists.org/fulldisclosure/2020/Dec/34

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

23-12-2020 - 20:08

Objavljeno

23-12-2020 - 16:15