CVE-2020-10552

An issue was discovered in Psyprax before 3.2.2. The Firebird database is accessible with the default user sysdba and password masterke after installation. This allows any user to access it and read and modify the contents, including passwords. Local database files can be accessed directly as well.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.1 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 50%
VendorProductVersion
psypraxpsyprax
𝑥
< 3.2.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.x41-dsec.de/lab/advisories/x41-2020-002-psyprax
https://www.x41-dsec.de/lab/advisories/x41-2020-002-psyprax