Lucene search
K

4 matches found

NVD
NVD
added 2020/11/24 5:15 p.m.26 views

CVE-2020-7378

CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. An attacker who is able to connect to the affected OpenCRX instance can change the password of any user, including admin-Standard, to any chosen value. This issue was resolved in versio...

9.1CVSS9.3AI score0.02617EPSS
Exploits1References1
OSV
OSV
added 2020/11/24 5:15 p.m.16 views

CVE-2020-7378

CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. An attacker who is able to connect to the affected OpenCRX instance can change the password of any user, including admin-Standard, to any chosen value. This issue was resolved in versio...

9.1CVSS6.9AI score0.02617EPSS
Exploits1References1
Prion
Prion
added 2020/11/24 5:15 p.m.19 views

Design/Logic Flaw

CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. An attacker who is able to connect to the affected OpenCRX instance can change the password of any user, including admin-Standard, to any chosen value. This issue was resolved in versio...

6.4CVSS9.1AI score0.02617EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/11/24 4:35 p.m.28 views

CVE-2020-7378 CRIXP OpenCRX Unverified Password Change

CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. An attacker who is able to connect to the affected OpenCRX instance can change the password of any user, including admin-Standard, to any chosen value. This issue was resolved in versio...

9.1CVSS9.3AI score0.02617EPSS
Exploits1References1
Rows per page
Query Builder