7.2
CVE-2020-6978
- EPSS 0.15%
- Published 24.03.2020 21:15:14
- Last modified 21.11.2024 05:36:25
- Source ics-cert@hq.dhs.gov
- Teams watchlist Login
- Open Login
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the usage of old jQuery libraries.
Data is provided by the National Vulnerability Database (NVD)
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.32 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 2.7 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
|
| nvd@nist.gov | 6.4 | 10 | 4.9 |
AV:N/AC:L/Au:N/C:P/I:P/A:N
|
CWE-477 Use of Obsolete Function
The code uses deprecated or obsolete functions, which suggests that the code has not been actively reviewed or maintained.