ID | CVE-2020-12595 | ||||||
Summary | An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. This affects SMG prior to 10.7.4. | ||||||
References | |||||||
Vulnerable Configurations |
|
||||||
CVSS |
|
||||||
CWE | NVD-CWE-noinfo | ||||||
CAPEC |
|
||||||
Access |
|
||||||
Impact |
|
||||||
cvss-vector via4 | AV:N/AC:L/Au:S/C:P/I:N/A:N | ||||||
refmap via4 |
|
||||||
Last major update | 14-12-2020 - 16:06 | ||||||
Published | 10-12-2020 - 06:15 | ||||||
Last modified | 14-12-2020 - 16:06 |