Vulnerability Details CVE-2020-7492
A CWE-521: Weak Password Requirements vulnerability exists in the GP-Pro EX V1.00 to V4.09.100 which could cause the discovery of the password when the user is entering the password because it is not masqueraded.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.2%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
Products affected by CVE-2020-7492
-
cpe:2.3:a:schneider-electric:gp-pro_ex_firmware:1.00
-
cpe:2.3:a:schneider-electric:gp-pro_ex_firmware:4.08.200
-
cpe:2.3:a:schneider-electric:gp-pro_ex_firmware:4.09.120