Vulnerability Details CVE-2020-27125
A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this vulnerability by viewing source code. A successful exploit could allow the attacker to view static credentials, which the attacker could use to carry out further attacks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 77.0%
CVSS Severity
CVSS v3 Score 7.4
CVSS v2 Score 5.0
References
Products affected by CVE-2020-27125
-
cpe:2.3:a:cisco:security_manager:-
-
cpe:2.3:a:cisco:security_manager:3.0.2
-
cpe:2.3:a:cisco:security_manager:3.1
-
cpe:2.3:a:cisco:security_manager:3.1.1
-
cpe:2.3:a:cisco:security_manager:3.2
-
cpe:2.3:a:cisco:security_manager:3.2.1
-
cpe:2.3:a:cisco:security_manager:3.2.2
-
cpe:2.3:a:cisco:security_manager:3.3
-
cpe:2.3:a:cisco:security_manager:3.3.1
-
cpe:2.3:a:cisco:security_manager:4.0
-
cpe:2.3:a:cisco:security_manager:4.0.1
-
cpe:2.3:a:cisco:security_manager:4.1
-
cpe:2.3:a:cisco:security_manager:4.10
-
cpe:2.3:a:cisco:security_manager:4.11
-
cpe:2.3:a:cisco:security_manager:4.12
-
cpe:2.3:a:cisco:security_manager:4.13
-
cpe:2.3:a:cisco:security_manager:4.14
-
cpe:2.3:a:cisco:security_manager:4.15
-
cpe:2.3:a:cisco:security_manager:4.16
-
cpe:2.3:a:cisco:security_manager:4.17
-
cpe:2.3:a:cisco:security_manager:4.18
-
cpe:2.3:a:cisco:security_manager:4.19
-
cpe:2.3:a:cisco:security_manager:4.2
-
cpe:2.3:a:cisco:security_manager:4.20
-
cpe:2.3:a:cisco:security_manager:4.21
-
cpe:2.3:a:cisco:security_manager:4.3
-
cpe:2.3:a:cisco:security_manager:4.4
-
cpe:2.3:a:cisco:security_manager:4.5
-
cpe:2.3:a:cisco:security_manager:4.6
-
cpe:2.3:a:cisco:security_manager:4.7(0)
-
cpe:2.3:a:cisco:security_manager:4.8
-
cpe:2.3:a:cisco:security_manager:4.9
-
cpe:2.3:a:cisco:security_manager:4.9(0)qa99