CVE-2020-13872

High

Royal TS before 5 has a 0.0.0.0 listener, which makes it easier for attackers to bypass tunnel authentication via a brute-force approach.

mitre·CWE-307·Published 2020-06-09

CVSS

8.8

EPSS

0.03

KEV

Exploits

cve.orgen

137 chars

Royal TS before 5 has a 0.0.0.0 listener, which makes it easier for attackers to bypass tunnel authentication via a brute-force approach.

NVDen

137 chars

Royal TS before 5 has a 0.0.0.0 listener, which makes it easier for attackers to bypass tunnel authentication via a brute-force approach.

Royal TS versiones anteriores a 5, presenta un oyente de 0.0.0.0, lo que facilita a atacantes omitir la autenticación del túnel por medio de un enfoque de fuerza bruta

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	3.3	6.5	2.9	AV:A/AC:L/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H