CVE-2020-7480 Vulnerability Details

  /     /     /  

CVE-2020-7480 Metadata Quick Info

CVE Published: 23/03/2020 | CVE Updated: 04/08/2024 | CVE Year: 2020
Source: schneider | Vendor: n/a | Product: Andover Continuum (All versions)
Status : PUBLISHED

CVE-2020-7480 Description

A CWE-94: Improper Control of Generation of Code (\'Code Injection\') vulnerability exists in Andover Continuum (All versions), which could cause files on the application server filesystem to be viewable when an attacker interferes with an application\'s processing of XML data.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-94
CWE Name: CWE-94: Improper Control of Generation of Code ( Code Injection )
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).

Last added CVEs

▸ CVE-2024-9999 ◂
Discovered: 12/11/2024
Status: PUBLISHED
▸ CVE-2024-9997 ◂
Discovered: 29/10/2024
Status: PUBLISHED
▸ CVE-2024-9996 ◂
Discovered: 29/10/2024
Status: PUBLISHED



Tags:
CVE-2020-7480 Vulnerability Details