CVE-2020-12068

{"id": "CVE-2020-12068", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 3.9}]}, "published": "2020-05-14T21:15:13.260", "references": [{"url": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13136&token=c267875c01ea70bc9613bc39c684eedc17f55420&download=", "tags": ["Mitigation", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.codesys.com", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13136&token=c267875c01ea70bc9613bc39c684eedc17f55420&download=", "tags": ["Mitigation", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.codesys.com", "tags": ["Product"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in CODESYS Development System before 3.5.16.0. CODESYS WebVisu and CODESYS Remote TargetVisu are susceptible to privilege escalation."}, {"lang": "es", "value": "Se detect\u00f3 un problema en CODESYS Development System versiones anteriores a 3.5.16.0. CODESYS WebVisu y CODESYS Remote TargetVisu son susceptibles a una escalada de privilegios."}], "lastModified": "2024-11-21T04:59:12.677", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:codesys:control_for_beaglebone:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A5313A0-4D9B-4B1F-B432-F84130717DE7", "versionEndExcluding": "3.5.16.0"}, {"criteria": "cpe:2.3:a:codesys:control_for_empc-a\\/imx6:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9EA03EF-F424-4AC6-AC0B-A284A2553092", "versionEndExcluding": "3.5.16.0"}, {"criteria": "cpe:2.3:a:codesys:control_for_iot2000:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38ECECFA-13C2-459E-B509-5F663E72CDE9", "versionEndExcluding": "3.5.16.0"}, {"criteria": "cpe:2.3:a:codesys:control_for_pfc100:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7BD8B5A-8CD7-463C-82D7-06F6DE7E6DB0", "versionEndExcluding": "3.5.16.0"}, {"criteria": "cpe:2.3:a:codesys:control_for_pfc200:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CC12843-4775-46BF-BB7F-35D7A4825027", "versionEndExcluding": "3.5.16.0"}, {"criteria": "cpe:2.3:a:codesys:control_for_plcnext:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84E46BF9-F5A0-4C09-BE2B-486263D89E85", "versionEndExcluding": "3.5.16.0"}, {"criteria": "cpe:2.3:a:codesys:control_for_raspberry_pi:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C17614A6-F334-4955-824D-A237A9672ECD", "versionEndExcluding": "3.5.16.0"}, {"criteria": "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFAF3E76-D917-48FA-BE80-7CEF592359F3", "versionEndExcluding": "3.5.16.0", "versionStartIncluding": "3.0"}, {"criteria": "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "977B88F5-FA46-41A6-B65E-034EEBA19755", "versionEndExcluding": "3.5.16.0", "versionStartIncluding": "3.0"}, {"criteria": "cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6E1A555-20F2-4C1D-824C-9BFE5A8C1184", "versionEndExcluding": "3.5.16.0", "versionStartIncluding": "3.0"}, {"criteria": "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03FB53F8-F076-41FB-B556-077F99584B76", "versionEndExcluding": "3.5.16.0"}, {"criteria": "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2B23429-F3C9-4414-A3C8-FDEA5D0DFE96", "versionEndExcluding": "3.5.16.0", "versionStartIncluding": "3.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}