CVE-2020-11557

HIGH

7.5

CVSS Severity Score

EPSS Score0.0420%

EPSS Percentile22.90th

Published2020年4月9日

Last Modified2024年11月21日

Vulnerability Description

An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It includes the username and password values in cleartext within each request's cookie value.

Affected Platforms (CPE)

📦

Castlerock

Snmpc Online

>= 12.10.10 and < 2020-01-28

References & Advisories

🔗 https://medium.com/tsscyber/noc-noc-whos-there-your-nms-is-pwned-1826174e0dee

相关漏洞威胁

CVE-2020-115538.8

An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. There is pervasive CSRF.

CVE-2020-115557.5

An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It allows remote attackers to obtain sensitive cre...

CVE-2020-115547.5

An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It allows remote attackers to obtain sensitive inf...

CVE-2020-115565.4

An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. There are multiple persistent (stored) and reflect...