CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-6972

In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 35.4%

CVSS Severity

CVSS v3 Score 9.1

CVSS v2 Score 6.4

References

https://www.us-cert.gov/ics/advisories/icsa-20-051-03
https://www.us-cert.gov/ics/advisories/icsa-20-051-03

Products affected by CVE-2020-6972

Honeywell » Notifier Webserver » Version: 3.50

cpe:2.3:a:honeywell:notifier_webserver:3.50

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6972

Products

Pricing

Contact Us