Versio.io

CVE-2020-12504

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 15-10-2020 09:15
Last modified: - 16-03-2022 03:02
Total changes: - 5

Description

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Low
Attack complexity
Network
Attack vector
High
Availability
High
Confidentiality
High
Integrity
None
Privileges required
Unchanged
Scope
None
User interaction
9.8
Base score
3.9
5.9
Exploitability score
Impact score
 

Verification logic

OR
AND
OR
vendor=pepperl-fuchs AND product=es7510-xt_firmware AND versionEndExcluding=2.1.1
OR
vendor=pepperl-fuchs AND product=es7510-xt AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es8509-xt_firmware
OR
vendor=pepperl-fuchs AND product=es8509-xt AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es8510-xt_firmware
OR
vendor=pepperl-fuchs AND product=es8510-xt AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es9528-xtv2_firmware
OR
vendor=pepperl-fuchs AND product=es9528-xtv2 AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es7506_firmware
OR
vendor=pepperl-fuchs AND product=es7506 AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es7510_firmware
OR
vendor=pepperl-fuchs AND product=es7510 AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es7528_firmware
OR
vendor=pepperl-fuchs AND product=es7528 AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es8508_firmware
OR
vendor=pepperl-fuchs AND product=es8508 AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es8508f_firmware
OR
vendor=pepperl-fuchs AND product=es8508f AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es8510_firmware AND versionEndExcluding=3.1.1
OR
vendor=pepperl-fuchs AND product=es8510 AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es8510-xte_firmware
OR
vendor=pepperl-fuchs AND product=es8510-xte AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es9528_firmware
OR
vendor=pepperl-fuchs AND product=es9528 AND version=-
AND
OR
vendor=pepperl-fuchs AND product=es9528-xt_firmware
OR
vendor=pepperl-fuchs AND product=es9528-xt AND version=-
AND
OR
vendor=pepperl-fuchs AND product=icrl-m-8rj45\/4sfp-g-din_firmware AND versionEndIncluding=1.2.3
OR
vendor=pepperl-fuchs AND product=icrl-m-8rj45\/4sfp-g-din AND version=-
AND
OR
vendor=pepperl-fuchs AND product=icrl-m-16rj45\/4cp-g-din_firmware AND versionEndIncluding=1.2.3
OR
vendor=pepperl-fuchs AND product=icrl-m-16rj45\/4cp-g-din AND version=-
AND
OR
vendor=korenix AND product=jetwave_2212s_firmware AND version=1.5
OR
vendor=korenix AND product=jetwave_2212s AND version=-
AND
OR
vendor=korenix AND product=jetwave_2212g_firmware AND version=1.4
OR
vendor=korenix AND product=jetwave_2212g AND version=-
AND
OR
vendor=korenix AND product=jetwave_2311_firmware AND version=1.2
OR
vendor=korenix AND product=jetwave_2311 AND version=-
AND
OR
vendor=korenix AND product=jetwave_3220_firmware AND version=1.2
OR
vendor=korenix AND product=jetwave_3220 AND version=-
AND
OR
vendor=korenix AND product=jetwave_3420_firmware AND version=1.1.3t
OR
vendor=korenix AND product=jetwave_3420 AND version=-
AND
OR
vendor=korenix AND product=jetwave_2212x_firmware AND version=1.5
OR
vendor=korenix AND product=jetwave_2212x AND version=-
AND
OR
vendor=korenix AND product=jetwave_5428g-20sfp_firmware AND version=1.0
OR
vendor=korenix AND product=jetwave_5428g-20sfp AND version=-
AND
OR
vendor=korenix AND product=jetwave_5810g_firmware AND version=1.1
OR
vendor=korenix AND product=jetwave_5810g AND version=-
AND
OR
vendor=korenix AND product=jetwave_5310_firmware AND version=1.5
OR
vendor=korenix AND product=jetwave_5310 AND version=-
AND
OR
vendor=korenix AND product=jetwave_5010_firmware AND version=3.1a
OR
vendor=korenix AND product=jetwave_5010 AND version=-
AND
OR
vendor=korenix AND product=jetwave_4706f_firmware AND version=2.3b
OR
vendor=korenix AND product=jetwave_4706f AND version=-
AND
OR
vendor=korenix AND product=jetwave_4706_firmware AND version=2.3b
OR
vendor=korenix AND product=jetwave_4706 AND version=-
AND
OR
vendor=korenix AND product=jetwave_4510_firmware AND version=3.0b
OR
vendor=korenix AND product=jetwave_4510 AND version=-
AND
OR
vendor=westermo AND product=pmi-110-f2g_firmware AND version=1.5
OR
vendor=westermo AND product=pmi-110-f2g AND version=-
 

Reference

 


Keywords

NVD

 

CVE-2020-12504

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.