CVE-2020-29020
9.1
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. This issue affects: Secomea SiteManager All versions prior to 9.4.620527004 on Hardware.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Secomea | SiteManager | All < 9.4.620527004 | affected |
Weaknesses
- CWE-284: CWE-284 Improper Access Control
Workarounds
Configure Uplink (WAN) to disable management via Uplink
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.