CVE-2020-27179

Critical

konzept-ix publiXone before 2020.015 allows attackers to take over arbitrary user accounts by crafting password-reset tokens.

mitre·CWE-640·Published 2020-10-27

CVSS

9.8

EPSS

0.01

KEV

Exploits

cve.orgen

125 chars

konzept-ix publiXone before 2020.015 allows attackers to take over arbitrary user accounts by crafting password-reset tokens.

NVDen

125 chars

konzept-ix publiXone before 2020.015 allows attackers to take over arbitrary user accounts by crafting password-reset tokens.

konzept-ix publiXone versiones anteriores a 2020.015, permite a atacantes tomar el control de cuentas de usuario arbitrarias al diseñar tokens de restablecimiento de contraseña

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H