RSS   Vulnerabilities for 'Spectra'   RSS

2020-10-28
 
CVE-2020-25966

CWE-922
 

 
Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information about the configured assets without proper authentication. This could be used by unauthorized parties to get configured login credentials of the assets via a modified pAccountID value.

 


Copyright 2024, cxsecurity.com

 

Back to Top