Lucene search

K
prionPRIOn knowledge basePRION:CVE-2020-10546
HistoryJun 04, 2020 - 4:15 a.m.

Sql injection

2020-06-0404:15:00
PRIOn knowledge base
www.prio-n.com
5

9.8 High

AI Score

Confidence

High

0.384 Low

EPSS

Percentile

97.2%

rConfig 3.9.4 and previous versions has unauthenticated compliancepolicies.inc.php SQL injection. Because, by default, nodes’ passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.

CPENameOperatorVersion
rconfigle3.9.4

9.8 High

AI Score

Confidence

High

0.384 Low

EPSS

Percentile

97.2%