CVE-2020-2076 Vulnerability Details

  /     /     /  

CVE-2020-2076 Metadata Quick Info

CVE Published: 29/07/2020 | CVE Updated: 04/08/2024 | CVE Year: 2020
Source: SICK AG | Vendor: n/a | Product: SICK Package Analytics
Status : PUBLISHED

---

CVE-2020-2076 Description

SICK Package Analytics software up to and including version V04.0.0 are vulnerable to an authentication bypass by directly interfacing with the REST API. An attacker can send unauthorized requests, bypass current authentication controls presented by the application and could potentially write files without authentication.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Authentication Bypass Using an Alternate Path or Channel
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).