CVE-2020-12529

An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2 There is a SSRF in the LDAP access check, allowing an attacker to scan for open ports.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mbconnectline:mbconnect24:*:*:*:*:*:*:*:*
cpe:2.3:a:mbconnectline:mymbconnect24:*:*:*:*:*:*:*:*

History

21 Nov 2024, 04:59

Type Values Removed Values Added
References () https://cert.vde.com/de-de/advisories/vde-2021-003 - Third Party Advisory () https://cert.vde.com/de-de/advisories/vde-2021-003 - Third Party Advisory
CVSS v2 : 5.0
v3 : 5.3
v2 : 5.0
v3 : 5.8

Information

Published : 2021-03-02 22:15

Updated : 2024-11-21 04:59


NVD link : CVE-2020-12529

Mitre link : CVE-2020-12529

CVE.ORG link : CVE-2020-12529


JSON object : View

Products Affected

mbconnectline

  • mbconnect24
  • mymbconnect24
CWE
CWE-918

Server-Side Request Forgery (SSRF)