CVE-2020-9048

Summary

A vulnerability in specified versions of American Dynamics victor Web Client and Software House CCURE Web Client could allow a remote unauthenticated attacker on the network to delete arbitrary files on the system or render the system unusable by conducting a Denial of Service attack.

Affected Software

VendorProductVersion RangeStatus
Johnson Controlsvictor Web Client version 5.4.1 and priorunspecified <= 5.4.1affected

Weaknesses

  • CWE-285: CWE-285 : Improper Access Control (Authorization)

ADP Enrichment

CVE Program Container

Additional References

References