Vulnerability Details CVE-2020-27740
Citadel WebCit through 926 allows unauthenticated remote attackers to enumerate valid users within the platform. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" thread.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.4%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
Products affected by CVE-2020-27740
-
cpe:2.3:a:citadel:webcit:-
-
cpe:2.3:a:citadel:webcit:7.10
-
cpe:2.3:a:citadel:webcit:7.86
-
cpe:2.3:a:citadel:webcit:7.87
-
cpe:2.3:a:citadel:webcit:8.01
-
cpe:2.3:a:citadel:webcit:8.02
-
cpe:2.3:a:citadel:webcit:8.03
-
cpe:2.3:a:citadel:webcit:8.05
-
cpe:2.3:a:citadel:webcit:8.06
-
cpe:2.3:a:citadel:webcit:8.12
-
cpe:2.3:a:citadel:webcit:8.13
-
cpe:2.3:a:citadel:webcit:8.14
-
cpe:2.3:a:citadel:webcit:8.16
-
cpe:2.3:a:citadel:webcit:8.20
-
cpe:2.3:a:citadel:webcit:8.22
-
cpe:2.3:a:citadel:webcit:8.23
-
cpe:2.3:a:citadel:webcit:8.24
-
cpe:2.3:a:citadel:webcit:9.01
-
cpe:2.3:a:citadel:webcit:902
-
cpe:2.3:a:citadel:webcit:926