| |
Vulnerability CVE-2020-10552
Published: 2021-02-05
| Description: |
An issue was discovered in Psyprax before 3.2.2. The Firebird database is accessible with the default user sysdba and password masterke after installation. This allows any user to access it and read and modify the contents, including passwords. Local database files can be accessed directly as well. |
Type:
CWE-732
CVSS2 => (AV:N/AC:L/Au:S/C:P/I:P/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
5.5/10 |
4.9/10 |
8/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
Single time |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
None |
References: |
https://www.x41-dsec.de/lab/advisories/x41-2020-002-psyprax
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
