CVE-2020-6779

Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges. This may result in complete compromise of the confidentiality and integrity of the stored data as well as a high availability impact on the database itself. In addition, an attacker may execute arbitrary commands on the underlying operating system.

CVSS v3 10.0 CRITICAL
CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://psirt.bosch.com/security-advisories/BOSCH-SA-332072-BT.html	Vendor Advisory
https://psirt.bosch.com/security-advisories/BOSCH-SA-332072-BT.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:bosch:fsm-2500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:bosch:fsm-2500:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:bosch:fsm-5000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:bosch:fsm-5000:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:36

Type	Values Removed	Values Added
References	~~() https://psirt.bosch.com/security-advisories/BOSCH-SA-332072-BT.html - Vendor Advisory~~	() https://psirt.bosch.com/security-advisories/BOSCH-SA-332072-BT.html - Vendor Advisory

Information

Published : 2021-01-26 18:16

Updated : 2024-11-21 05:36

NVD link : CVE-2020-6779

Mitre link : CVE-2020-6779

CVE.ORG link : CVE-2020-6779

JSON object : View

Products Affected

bosch

fsm-5000_firmware
fsm-2500_firmware
fsm-2500
fsm-5000

CWE

CWE-798

Use of Hard-coded Credentials

{"id": "CVE-2020-6779", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "psirt@bosch.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 10.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 10.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.9}]}, "published": "2021-01-26T18:16:07.803", "references": [{"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-332072-BT.html", "tags": ["Vendor Advisory"], "source": "psirt@bosch.com"}, {"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-332072-BT.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "psirt@bosch.com", "description": [{"lang": "en", "value": "CWE-798"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges. This may result in complete compromise of the confidentiality and integrity of the stored data as well as a high availability impact on the database itself. In addition, an attacker may execute arbitrary commands on the underlying operating system."}, {"lang": "es", "value": "El uso de credenciales embebidas en la base de datos del servidor Bosch FSM-2500 y el servidor Bosch FSM-5000 hasta la versi\u00f3n 5.2 incluy\u00e9ndola, permite a un atacante remoto no autenticado iniciar sesi\u00f3n en la base de datos con privilegios de administrador. Esto puede resultar en un compromiso total de la confidencialidad e integridad de los datos almacenados, as\u00ed como un impacto de la alta disponibilidad en la propia base de datos. Adem\u00e1s, un atacante puede ejecutar comandos arbitrarios en el sistema operativo subyacente"}], "lastModified": "2024-11-21T05:36:10.500", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:bosch:fsm-2500_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DABF317D-63EF-4AC6-B5E5-58DB5598FB6E", "versionEndIncluding": "5.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:bosch:fsm-2500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1E6F9D1B-FF23-4C52-B5E3-3727AEEBA394"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:bosch:fsm-5000_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE15D170-F377-4A15-AC5C-10974D034FFE", "versionEndIncluding": "5.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:bosch:fsm-5000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "91E26C5C-C032-4650-8BC1-C6D78A1090F1"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@bosch.com"}