CVE-2020-12496

{"id": "CVE-2020-12496", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "info@cert.vde.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2020-11-19T18:15:13.850", "references": [{"url": "https://cert.vde.com/en-us/advisories/vde-2020-022", "tags": ["Vendor Advisory"], "source": "info@cert.vde.com"}, {"url": "https://cert.vde.com/en-us/advisories/vde-2020-022", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "info@cert.vde.com", "description": [{"lang": "en", "value": "CWE-200"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "Endress+Hauser Ecograph T (Neutral/Private Label) (RSG35, ORSG35) and Memograph M (Neutral/Private Label) (RSG45, ORSG45) with Firmware version V2.0.0 and above is prone to exposure of sensitive information to an unauthorized actor. The firmware release has a dynamic token for each request submitted to the server, which makes repeating requests and analysis complex enough. Nevertheless, it's possible and during the analysis it was discovered that it also has an issue with the access-control matrix on the server-side. It was found that a user with low rights can get information from endpoints that should not be available to this user."}, {"lang": "es", "value": "Endress + Hauser Ecograph T (Neutral/Private Label) (RSG35, ORSG35) y Memograph M (Neutral/Private Label) (RSG45, ORSG45) con la versi\u00f3n de firmware V2.0.0 y superior, es propenso a exponer informaci\u00f3n confidencial a un actor no autorizado. La versi\u00f3n de firmware posee un token din\u00e1mico para cada petici\u00f3n enviada al servidor, lo que hace que las peticiones repetidas y el an\u00e1lisis sean lo suficientemente complejos. Sin embargo, es posible y durante el an\u00e1lisis se detect\u00f3 que tambi\u00e9n tiene un problema con la matriz de control de acceso en el lado del servidor. Se encontr\u00f3 que un usuario con pocos derechos puede obtener informaci\u00f3n de los endpoints que no deber\u00eda estar disponible para este usuario"}], "lastModified": "2024-11-21T04:59:48.160", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:endress:rsg35_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09972345-A856-4BCC-B649-EB93AEC89AB7", "versionEndExcluding": "2.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:endress:rsg35:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2FD4C836-D775-49B1-997C-5F1BE2DA3422"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:endress:rsg45_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2917E2E-DF23-419A-B1CF-AD39A49DC535", "versionEndExcluding": "2.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:endress:rsg45:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5BE8DDCA-3704-41B9-BE65-467DC0C832E3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:endress:orsg35_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47846DD8-45BF-4ECD-87C7-77E9CF32689F", "versionEndExcluding": "2.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:endress:orsg35:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BACEE257-8D0A-4EC7-9DC1-D7BFA2606717"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:endress:orsg45_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF6DB41B-E6A6-4E0B-B87E-EDD8FC9AF068", "versionEndExcluding": "2.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:endress:orsg45:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DF859810-2537-4704-91FD-35353063C562"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "info@cert.vde.com"}