CVE-2020-11918
Nov. 8, 2024, 7:01 p.m.
Tags
CVSS Score
Product(s) Impacted
Siime Eye
- 14.1.00000001.3.330.0.0.3.14
Description
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. When a backup file is created through the web interface, information on all users, including passwords, can be found in cleartext in the backup file. An attacker capable of accessing the web interface can create the backup file.
Weaknesses
CWE-312
Cleartext Storage of Sensitive Information
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
CWE ID: 312Date
Published: Nov. 7, 2024, 6:15 p.m.
Last Modified: Nov. 8, 2024, 7:01 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cve@mitre.org
CVSS Data
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
Base Score
Exploitability Score
Impact Score
Base Severity
MEDIUMCVSS Vector String
The CVSS vector string provides an in-depth view of the vulnerability metrics.
View Vector StringCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N