CVE-2020-15794 Vulnerability Details

  /     /     /  

CVE-2020-15794 Metadata Quick Info

CVE Published: 15/10/2020 | CVE Updated: 04/08/2024 | CVE Year: 2020
Source: siemens | Vendor: Siemens | Product: Desigo Insight
Status : PUBLISHED

---

CVE-2020-15794 Description

A vulnerability has been identified in Desigo Insight (All versions). Some error messages in the web application show the absolute path to the requested resource. This could allow an authenticated attacker to retrieve additional information about the host system.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-200
CWE Name: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Source: Siemens

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).