Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:23 p.m.7 views

CVE-2020-25966

Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information about the configured assets without proper authentication. This could be used by unauthorized parties to get configured login credentials of the assets via a modified pAccountID value. NOTE: The vendo...

7.5CVSS6.3AI score0.01353EPSS
Exploits1
CNVD
CNVD
added 2020/10/29 12:0 a.m.1 views

Sectona Spectra Information Disclosure Vulnerability

Sectona Spectra is a privilege management system for enterprise device access from US-based sectona. The platform supports the consolidation of accounts in the cloud with local accounts to centralize enterprise device management and improve access security. An information disclosure vulnerability...

7.5CVSS6.1AI score0.01353EPSS
Exploits1References1
NVD
NVD
added 2020/10/28 6:15 p.m.16 views

CVE-2020-25966

Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information about the configured assets without proper authentication. This could be used by unauthorized parties to get configured login credentials of the assets via a modified pAccountID value. NOTE: The vendo...

7.5CVSS7.3AI score0.01353EPSS
Exploits1References2
Prion
Prion
added 2020/10/28 6:15 p.m.10 views

Security feature bypass

Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information about the configured assets without proper authentication. This could be used by unauthorized parties to get configured login credentials of the assets via a modified pAccountID value. NOTE: The vendo...

5CVSS7.3AI score0.01353EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2020/10/28 5:37 p.m.9 views

CVE-2020-25966

Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information about the configured assets without proper authentication. This could be used by unauthorized parties to get configured login credentials of the assets via a modified pAccountID value. NOTE: The vendo...

6.3AI score0.01353EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/10/28 5:37 p.m.21 views

CVE-2020-25966

Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information about the configured assets without proper authentication. This could be used by unauthorized parties to get configured login credentials of the assets via a modified pAccountID value. NOTE: The vendo...

7.3AI score0.01353EPSS
Exploits1References2
CVE
CVE
added 2020/10/28 5:37 p.m.42 views

CVE-2020-25966

Sectona Spectra (before 3.4.0) exposes a vulnerable SOAP API endpoint that can disclose sensitive information about provisioned assets, including login credentials, without proper authentication by manipulating the pAccountID value. This has been reported across multiple sources (Red Hat, CNVD, C...

7.5CVSS7.2AI score0.01353EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder