CVE-2020-5686

EUVD-2020-26845
Incorrect implementation of authentication algorithm issue in UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to access the remote system maintenance feature and obtain the information by sending a specially crafted request to a specific URL.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 52%
Common Weakness Enumeration
References
https://jvn.jp/en/jp/JVN38784555/index.html
https://www.necplatforms.co.jp/en/press/security_adv.html
https://jvn.jp/en/jp/JVN38784555/index.html
https://www.necplatforms.co.jp/en/press/security_adv.html