Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:26 p.m.9 views

CVE-2020-16240

GE Digital APM Classic, Versions 4.4 and prior. An insecure direct object reference IDOR vulnerability allows user account data to be downloaded in JavaScript object notation JSON format by users who should not have access to such functionality. An attacker can download sensitive data related to...

5.3CVSS6.6AI score0.00898EPSS
Exploits0
Cvelist
Cvelist
added 2020/09/23 1:6 p.m.39 views

CVE-2020-16240

GE Digital APM Classic, Versions 4.4 and prior. An insecure direct object reference IDOR vulnerability allows user account data to be downloaded in JavaScript object notation JSON format by users who should not have access to such functionality. An attacker can download sensitive data related to...

5.1AI score0.00898EPSS
Exploits0References1
CVE
CVE
added 2020/09/23 1:6 p.m.54 views

CVE-2020-16240

GE Digital APM Classic (Versions 4.4 and prior) is vulnerable to CVE-2020-16240: an Authorization Bypass Through User-Controlled Key (IDOR) that allows unauthorized users to download sensitive user‑account data in JSON . Root cause: insecure IDOR enabling data exfiltration. Affected product: GE D...

5.3CVSS5.1AI score0.00898EPSS
Exploits0References1Affected Software1
ICS
ICS
added 2020/09/22 12:0 a.m.63 views

GE Digital APM Classic

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Digital Equipment: APM Classic Vulnerabilities: Authorization Bypass Through User-controlled Key, Use of a One-Way Hash Without a Salt 2. RISK EVALUATION Successful exploitation of these...

7.2CVSS6.7AI score0.00898EPSS
Exploits0References5
Rows per page
Query Builder