Vulnerability Details CVE-2020-5805
In Marvell QConvergeConsole GUI <= 5.5.0.74, credentials are stored in cleartext in tomcat-users.xml. OS-level users on the QCC host who are not authorized to use QCC may use the plaintext credentials to login to QCC.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.5%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
Products affected by CVE-2020-5805
-
cpe:2.3:a:marvell:qconvergeconslole_gui:-
-
cpe:2.3:a:marvell:qconvergeconslole_gui:5.5.0.74