CVE-2020-21997

Sažetak

Smartwares HOME easy <=1.0.9 is vulnerable to an unauthenticated database backup download and information disclosure vulnerability. An attacker could disclose sensitive and clear-text information resulting in authentication bypass, session hijacking and full system control.

Reference

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5541.php
https://www.exploit-db.com/exploits/47596
https://cwe.mitre.org/data/definitions/306.html

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

05-10-2022 - 16:31

Objavljeno

29-04-2021 - 15:15