Vulnerability CVE-2020-7492


Published: 2020-06-16

Description:
A CWE-521: Weak Password Requirements vulnerability exists in the GP-Pro EX V1.00 to V4.09.100 which could cause the discovery of the password when the user is entering the password because it is not masqueraded.

Type:

CWE-521

(Weak Password Requirements)

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
SE -> Gp-pro ex firmware 
Schneider-electric -> Gp-pro ex firmware 

 References:
https://www.se.com/ww/en/download/document/SEVD-2020-133-01/

Copyright 2024, cxsecurity.com

 

Back to Top