Vulnerabilities (CVE)

Filtered by vendor Bosch Subscribe
Filtered by product Fsm-2500
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-6780 1 Bosch 4 Fsm-2500, Fsm-2500 Firmware, Fsm-5000 and 1 more 2024-11-21 4.0 MEDIUM 4.4 MEDIUM
Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump the credentials of other users and possibly recover their plain-text passwords by brute-forcing the MD5 hash.
CVE-2020-6779 1 Bosch 4 Fsm-2500, Fsm-2500 Firmware, Fsm-5000 and 1 more 2024-11-21 10.0 HIGH 10.0 CRITICAL
Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges. This may result in complete compromise of the confidentiality and integrity of the stored data as well as a high availability impact on the database itself. In addition, an attacker may execute arbitrary commands on the underlying operating system.