Vulnerability Details CVE-2020-12133
The Apros Evolution, ConsciusMap, and Furukawa provisioning systems through 2.8.1 allow remote code execution because of javax.faces.ViewState Java deserialization.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.081
EPSS Ranking 91.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- http://packetstormsecurity.com/files/157383/Furukawa-Electric-ConsciusMAP-2.8.1-Java-Deserialization-Remote-Code-Execution.html
- https://www.furukawa.co.jp
- https://www.tecnoredsa.com.ar
- http://packetstormsecurity.com/files/157383/Furukawa-Electric-ConsciusMAP-2.8.1-Java-Deserialization-Remote-Code-Execution.html
- https://www.furukawa.co.jp
- https://www.tecnoredsa.com.ar
Products affected by CVE-2020-12133
-
cpe:2.3:a:farukawa:electric_consciousmap:1.4.70
-
cpe:2.3:a:farukawa:electric_consciousmap:1.8
-
cpe:2.3:a:farukawa:electric_consciousmap:2.0.1174
-
cpe:2.3:a:farukawa:electric_consciousmap:2.1.1
-
cpe:2.3:a:farukawa:electric_consciousmap:2.1.15
-
cpe:2.3:a:farukawa:electric_consciousmap:2.1.16
-
cpe:2.3:a:farukawa:electric_consciousmap:2.1.18
-
cpe:2.3:a:farukawa:electric_consciousmap:2.1.31
-
cpe:2.3:a:farukawa:electric_consciousmap:2.1.36
-
cpe:2.3:a:farukawa:electric_consciousmap:2.1.49
-
cpe:2.3:a:farukawa:electric_consciousmap:2.3.1
-
cpe:2.3:a:farukawa:electric_consciousmap:2.6.4
-
cpe:2.3:a:farukawa:electric_consciousmap:2.7.10
-
cpe:2.3:a:farukawa:electric_consciousmap:2.8.1