CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-10590

Replicated Classic 2.x versions have an improperly secured API that exposes sensitive data from the Replicated Admin Console configuration. An attacker with network access to the Admin Console port (8800) on the Replicated Classic server could retrieve the TLS Keypair (Cert and Key) used to configure the Admin Console.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 56.7%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://blog.replicated.com
https://gradle.com/enterprise/releases/2019.5/#changes
https://www.replicated.com/security/advisories/CVE-2020-10590
https://blog.replicated.com
https://gradle.com/enterprise/releases/2019.5/#changes
https://www.replicated.com/security/advisories/CVE-2020-10590

Products affected by CVE-2020-10590

Replicated » Replicated Classic » Version: Any

cpe:2.3:a:replicated:replicated_classic:*
Replicated » Replicated Classic » Version: 2.41.0

cpe:2.3:a:replicated:replicated_classic:2.41.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10590

Products

Pricing

Contact Us