CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-21994

AVE DOMINAplus <=1.10.x suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file '/xml/authClients.xml' and obtain administrative login information that allows for a successful authentication bypass attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.047

EPSS Ranking 88.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2020-21994

Ave » Dominaplus » Version: 1.10.11

cpe:2.3:a:ave:dominaplus:1.10.11
Ave » Dominaplus » Version: 1.10.22

cpe:2.3:a:ave:dominaplus:1.10.22
Ave » Dominaplus » Version: 1.10.25

cpe:2.3:a:ave:dominaplus:1.10.25
Ave » Dominaplus » Version: 1.10.35

cpe:2.3:a:ave:dominaplus:1.10.35
Ave » Dominaplus » Version: 1.10.44

cpe:2.3:a:ave:dominaplus:1.10.44
Ave » Dominaplus » Version: 1.10.45

cpe:2.3:a:ave:dominaplus:1.10.45
Ave » Dominaplus » Version: 1.10.46

cpe:2.3:a:ave:dominaplus:1.10.46
Ave » Dominaplus » Version: 1.10.49

cpe:2.3:a:ave:dominaplus:1.10.49
Ave » Dominaplus » Version: 1.10.52

cpe:2.3:a:ave:dominaplus:1.10.52
Ave » Dominaplus » Version: 1.10.52a

cpe:2.3:a:ave:dominaplus:1.10.52a
Ave » Dominaplus » Version: 1.10.60

cpe:2.3:a:ave:dominaplus:1.10.60
Ave » Dominaplus » Version: 1.10.62

cpe:2.3:a:ave:dominaplus:1.10.62
Ave » Dominaplus » Version: 1.10.64

cpe:2.3:a:ave:dominaplus:1.10.64
Ave » Dominaplus » Version: 1.10.65

cpe:2.3:a:ave:dominaplus:1.10.65
Ave » Dominaplus » Version: 1.10.77

cpe:2.3:a:ave:dominaplus:1.10.77
Ave » 53ab-Wbs » Version: N/A

cpe:2.3:h:ave:53ab-wbs:-
Ave » Ts01 » Version: N/A

cpe:2.3:h:ave:ts01:-
Ave » Ts03x-V » Version: N/A

cpe:2.3:h:ave:ts03x-v:-
Ave » Ts04x-V » Version: N/A

cpe:2.3:h:ave:ts04x-v:-
Ave » Ts05 » Version: N/A

cpe:2.3:h:ave:ts05:-
Ave » Ts05n-V » Version: N/A

cpe:2.3:h:ave:ts05n-v:-
Ave » 53ab-Wbs Firmware » Version: 1.10.62

cpe:2.3:o:ave:53ab-wbs_firmware:1.10.62
Ave » Ts01 Firmware » Version: 1.0.65

cpe:2.3:o:ave:ts01_firmware:1.0.65
Ave » Ts03x-V Firmware » Version: 1.10.45a

cpe:2.3:o:ave:ts03x-v_firmware:1.10.45a
Ave » Ts04x-V Firmware » Version: 1.10.45a

cpe:2.3:o:ave:ts04x-v_firmware:1.10.45a
Ave » Ts05 Firmware » Version: 1.10.36

cpe:2.3:o:ave:ts05_firmware:1.10.36
Ave » Ts05n-V Firmware » Version: N/A

cpe:2.3:o:ave:ts05n-v_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-21994

Products

Pricing

Contact Us