Vulnerability Details CVE-2020-25255
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows remote attackers to cause a denial of service (outage of connection-request processing) via a long user ID, which triggers an exception and a large log entry.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2020-25255
-
cpe:2.3:a:hyland:onbase:-
-
cpe:2.3:a:hyland:onbase:16.0.0.0
-
cpe:2.3:a:hyland:onbase:16.0.2.83
-
cpe:2.3:a:hyland:onbase:17.0.0.0
-
cpe:2.3:a:hyland:onbase:17.0.2.109
-
cpe:2.3:a:hyland:onbase:18.0.0.0
-
cpe:2.3:a:hyland:onbase:18.0.0.32
-
cpe:2.3:a:hyland:onbase:18.0.0.37
-
cpe:2.3:a:hyland:onbase:19.0.0.0
-
cpe:2.3:a:hyland:onbase:19.8.16.1000
-
cpe:2.3:a:hyland:onbase:19.8.9.1000
-
cpe:2.3:a:hyland:onbase:20.0.0.0
-
cpe:2.3:a:hyland:onbase:20.3.10.1000