CVE-2020-5616

04.08.2020, 02:15

[Calendar01], [Calendar02], [PKOBO-News01], [PKOBO-vote01], [Telop01], [Gallery01], [CalendarForm01], and [Link01] [Calendar01] free edition ver1.0.0, [Calendar02] free edition ver1.0.0, [PKOBO-News01] free edition ver1.0.3 and earlier, [PKOBO-vote01] free edition ver1.0.1 and earlier, [Telop01] free edition ver1.0.0, [Gallery01] free edition ver1.0.3 and earlier, [CalendarForm01] free edition ver1.0.3 and earlier, and [Link01] free edition ver1.0.0 allows remote attackers to bypass authentication and log in to the product with administrative privileges via unspecified vectors.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
jpcert	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 87%

Vendor	Product	Version
calendar01_project	calendar01	1.0.0
calendar02_project	calendar02	1.0.0
calendarform01_project	calendarform01	𝑥 ≤ 1.0.3
gallery01_project	gallery01	𝑥 ≤ 1.0.3
link01_project	link01	1.0.0
pkobo-news01_project	pkobo-news01	𝑥 ≤ 1.0.3
pkobo-vote01_project	pkobo-vote01	𝑥 ≤ 1.0.1
telop01_project	telop01	1.0.0