8
CVE-2020-18305
- EPSS 0.7%
- Veröffentlicht 14.05.2024 06:36:01
- Zuletzt bearbeitet 11.06.2025 14:57:21
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Extreme Networks EXOS before v.22.7 and before v.30.2 was discovered to contain an issue in its Web GUI which fails to restrict URL access, allowing attackers to access sensitive information or escalate privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Extremenetworks ≫ Extremexos Version < 22.7
Extremenetworks ≫ Extremexos Version30.1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.7% | 0.484 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8 | 2.1 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
https://gist.github.com/yasinyilmaz/1fe3fe58dd275edb77dcbe890fce2f2c