Versio.io

CVE-2020-12502

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 15-10-2020 09:15
Last modified: - 29-04-2022 05:23
Total changes: - 6

Description

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to unauthenticated device administration.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Low
Attack complexity
Network
Attack vector
High
Availability
High
Confidentiality
High
Integrity
None
Privileges required
Unchanged
Scope
Required
User interaction
8.8
Base score
2.8
5.9
Exploitability score
Impact score
 

Verification logic

OR
AND
OR
vendor=pepperl-fuchs AND product=es7510-xt_firmware
OR
vendor=pepperl-fuchs AND product=es7510-xt AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es8509-xt_firmware
OR
vendor=pepperl-fuchs AND product=es8509-xt AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es8510-xt_firmware
OR
vendor=pepperl-fuchs AND product=es8510-xt AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es9528-xtv2_firmware
OR
vendor=pepperl-fuchs AND product=es9528-xtv2 AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es7506_firmware
OR
vendor=pepperl-fuchs AND product=es7506 AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es7510_firmware
OR
vendor=pepperl-fuchs AND product=es7510 AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es7528_firmware
OR
vendor=pepperl-fuchs AND product=es7528 AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es8508_firmware
OR
vendor=pepperl-fuchs AND product=es8508 AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es8508f_firmware
OR
vendor=pepperl-fuchs AND product=es8508f AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es8510_firmware
OR
vendor=pepperl-fuchs AND product=es8510 AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es8510-xte_firmware
OR
vendor=pepperl-fuchs AND product=es8510-xte AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es9528_firmware
OR
vendor=pepperl-fuchs AND product=es9528 AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es9528-xt_firmware
OR
vendor=pepperl-fuchs AND product=es9528-xt AND version=-
AND
OR
vendor=pepperl-fuchs AND product=icrl-m-8rj45\/4sfp-g-din_firmware AND versionEndIncluding=1.2.3
OR
vendor=pepperl-fuchs AND product=icrl-m-8rj45\/4sfp-g-din AND version=-
AND
OR
vendor=pepperl-fuchs AND product=icrl-m-16rj45\/4cp-g-din_firmware AND versionEndIncluding=1.2.3
OR
vendor=pepperl-fuchs AND product=icrl-m-16rj45\/4cp-g-din AND version=-
AND
OR
vendor=korenix AND product=jetnet_5428g-20sfp_firmware AND version=-
OR
vendor=korenix AND product=jetnet_5428g-20sfp AND version=-
AND
OR
vendor=korenix AND product=jetnet_5810g_firmware AND version=-
OR
vendor=korenix AND product=jetnet_5810g AND version=-
AND
OR
vendor=korenix AND product=jetnet_4706f_firmware AND version=-
OR
vendor=korenix AND product=jetnet_4706f AND version=-
AND
OR
vendor=korenix AND product=jetnet_4706_firmware AND version=-
OR
vendor=korenix AND product=jetnet_4706 AND version=-
AND
OR
vendor=korenix AND product=jetnet_4510_firmware AND version=-
OR
vendor=korenix AND product=jetnet_4510 AND version=-
AND
OR
vendor=korenix AND product=jetnet_5010_firmware AND version=-
OR
vendor=korenix AND product=jetnet_5010 AND version=-
AND
OR
vendor=korenix AND product=jetnet_5310_firmware AND version=-
OR
vendor=korenix AND product=jetnet_5310 AND version=-
AND
OR
vendor=korenix AND product=jetnet_6095_firmware AND version=-
OR
vendor=korenix AND product=jetnet_6095 AND version=-
AND
OR
vendor=pepperl-fuchs AND product=icrl-m-8rj45\/4sfp-g-din_firmware AND versionEndExcluding=1.4
OR
vendor=pepperl-fuchs AND product=icrl-m-8rj45\/4sfp-g-din AND version=-
AND
OR
vendor=pepperl-fuchs AND product=icrl-m-16rj45\/4cp-g-din_firmware AND versionEndExcluding=1.4.0
OR
vendor=pepperl-fuchs AND product=icrl-m-16rj45\/4cp-g-din AND version=-
 

Reference

 


Keywords

NVD

 

CVE-2020-12502

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.