CVE-2020-0702 - A security feature bypass vulnerability exists in Surface Hub when prompting for credentials, aka 'S

CVE-2020-0702

Summary

A security feature bypass vulnerability exists in Surface Hub when prompting for credentials, aka 'Surface Hub Security Feature Bypass Vulnerability'.

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0702

Vulnerable Configurations

cpe:2.3:o:microsoft:surface_hub_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:surface_hub_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:microsoft:surface_hub:-:*:*:*:*:*:*:*
cpe:2.3:h:microsoft:surface_hub:-:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 21-07-2021 - 11:39)
Impact:
Exploitability:

CWE

CWE-863

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

refmap via4

misc

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0702

Last major update

21-07-2021 - 11:39

Published

11-02-2020 - 22:15

Last modified

21-07-2021 - 11:39