CVE-2020-2078
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Passwords are stored in plain text within the configuration of SICK Package Analytics software up to and including V04.1.1. An authorized attacker could access these stored plaintext credentials and gain access to the ftp service. Storing a password in plaintext allows attackers to easily gain access to systems, potentially compromising personal information or other sensitive information.
Las contraseñas son almacenadas en texto plano dentro de la configuración del software SICK Package Analytics versiones hasta V04.1.1 incluyéndola. Un atacante autorizado podría acceder a estas credenciales de texto plano almacenadas y conseguir acceso al servicio ftp. El almacenamiento de una contraseña en texto plano permite a atacantes acceder fácilmente a los sistemas, comprometiendo potencialmente la información personal u otra información confidencial
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-12-04 CVE Reserved
- 2020-07-29 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-522: Insufficiently Protected Credentials
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Sick Search vendor "Sick" | Package Analytics Search vendor "Sick" for product "Package Analytics" | <= 04.1.1 Search vendor "Sick" for product "Package Analytics" and version " <= 04.1.1" | - |
Affected
| ||||||