CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-8347

A reflective cross-site scripting (XSS) vulnerability was reported in Lenovo Enterprise Network Disk prior to version 6.1 patch 6 hotfix 4 that could allow execution of code in an authenticated user's browser if a crafted url is visited, possibly through phishing.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.6%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://iknow.lenovo.com.cn/detail/dc_191492.html
https://iknow.lenovo.com.cn/detail/dc_191492.html

Products affected by CVE-2020-8347

Lenovo » Enterprise Network Disk » Version: 6.1

cpe:2.3:a:lenovo:enterprise_network_disk:6.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-8347

Products

Pricing

Contact Us