CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6780

Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump the credentials of other users and possibly recover their plain-text passwords by brute-forcing the MD5 hash.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 28.5%

CVSS Severity

CVSS v3 Score 4.4

CVSS v2 Score 4.0

References

Products affected by CVE-2020-6780

Bosch » Fsm-2500 » Version: N/A

cpe:2.3:h:bosch:fsm-2500:-
Bosch » Fsm-5000 » Version: N/A

cpe:2.3:h:bosch:fsm-5000:-
Bosch » Fsm-2500 Firmware » Version: N/A

cpe:2.3:o:bosch:fsm-2500_firmware:-
Bosch » Fsm-2500 Firmware » Version: 5.2

cpe:2.3:o:bosch:fsm-2500_firmware:5.2
Bosch » Fsm-5000 Firmware » Version: N/A

cpe:2.3:o:bosch:fsm-5000_firmware:-
Bosch » Fsm-5000 Firmware » Version: 5.2

cpe:2.3:o:bosch:fsm-5000_firmware:5.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6780

Products

Pricing

Contact Us