CVE-2020-25844
8.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The digest generation function of NHIServiSignAdapter has not been verified for parameter’s length, which leads to a stack overflow loophole. Remote attackers can use the leak to execute code without privilege.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| CHANGING Inc. | NHIServiSignAdapter | 1.0.20.0218 | affected |
Weaknesses
- CWE-121: CWE-121 Stack-based Buffer Overflow
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.