CVE-2020-6780
4.4
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump the credentials of other users and possibly recover their plain-text passwords by brute-forcing the MD5 hash.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Bosch | FSM-2500 | unspecified <= 5.2 | affected |
| Bosch | FSM-5000 | unspecified <= 5.2 | affected |
Weaknesses
- CWE-916: CWE-916 Use of Password Hash With Insufficient Computational Effort
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.