Vulnerability Details CVE-2020-16272

The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 is missing validation for a client-provided parameter, which allows remote attackers to read and modify data in the KeePass database via an A=0 WebSocket connection.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.7%
CVSS Severity
CVSS v3 Score 9.1
CVSS v2 Score 6.4
Products affected by CVE-2020-16272
  • Kee » Keepassrpc » Version: 1.10.0
    cpe:2.3:a:kee:keepassrpc:1.10.0
  • Kee » Keepassrpc » Version: 1.11.0
    cpe:2.3:a:kee:keepassrpc:1.11.0
  • Kee » Keepassrpc » Version: 1.7.1
    cpe:2.3:a:kee:keepassrpc:1.7.1
  • Kee » Keepassrpc » Version: 1.7.2
    cpe:2.3:a:kee:keepassrpc:1.7.2
  • Kee » Keepassrpc » Version: 1.7.3
    cpe:2.3:a:kee:keepassrpc:1.7.3
  • Kee » Keepassrpc » Version: 1.7.3.1
    cpe:2.3:a:kee:keepassrpc:1.7.3.1
  • Kee » Keepassrpc » Version: 1.8.0
    cpe:2.3:a:kee:keepassrpc:1.8.0
  • Kee » Keepassrpc » Version: 1.9.0
    cpe:2.3:a:kee:keepassrpc:1.9.0

