5.3
CVE-2020-24981
- EPSS 0.95%
- Veröffentlicht 04.09.2020 20:15:11
- Zuletzt bearbeitet 21.11.2024 05:16:16
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginAn Incorrect Access Control vulnerability exists in /ucms/chk.php in UCMS 1.4.8. This results in information leak via an error message caused by directly accessing the website built by UCMS.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ucms Project ≫ Ucms Version1.4.8
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.95% | 0.566 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
https://sunian.top/2020/08/26/ucms-Incorrect%20Access%20Control/