Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-6779 | 1 Bosch | 4 Fsm-2500, Fsm-2500 Firmware, Fsm-5000 and 1 more | 2021-02-02 | 10.0 HIGH | 10.0 CRITICAL |
| Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges. This may result in complete compromise of the confidentiality and integrity of the stored data as well as a high availability impact on the database itself. In addition, an attacker may execute arbitrary commands on the underlying operating system. | |||||
| CVE-2020-6780 | 1 Bosch | 4 Fsm-2500, Fsm-2500 Firmware, Fsm-5000 and 1 more | 2021-02-02 | 4.0 MEDIUM | 4.9 MEDIUM |
| Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump the credentials of other users and possibly recover their plain-text passwords by brute-forcing the MD5 hash. | |||||