CVE-2020-7196 in BlueData EPIC Software Platforminfo

Zusammenfassung

von MITRE • 26.10.2020

The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Container Platform 5.0 use an insecure method of handling sensitive Kerberos passwords that is susceptible to unauthorized interception and/or retrieval. Specifically, they display the kdc_admin_password in the source file of the url "/bdswebui/assignusers/".

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

16.01.2020

Veröffentlichung

26.10.2020

Moderieren

akzeptiert

Eintrag

VDB-163657

CPE

bereit

CWE

CWE-200 (bestätigt)

CVSS

6.5 (NVD)

EPSS

0.00158

KEV

nein

Aktivitäten

very low

Sektor

Government, Pharma, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2020-7196
NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-7196
CVE Details	https://www.cvedetails.com/cve/CVE-2020-7196/

◂ Zurück Übersicht Weiter ▸

Do you need the next level of professionalism?

Upgrade your account now!