CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-9045

During installation or upgrade to Software House C•CURE 9000 v2.70 and American Dynamics victor Video Management System v5.2, the credentials of the user used to perform the installation or upgrade are logged in a file. The install log file persists after the installation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.7%

CVSS Severity

CVSS v3 Score 9.9

CVSS v2 Score 4.0

References

https://www.johnsoncontrols.com/cyber-solutions/security-advisories
https://www.us-cert.gov/ics/advisories/ICSA-20-142-01
https://www.johnsoncontrols.com/cyber-solutions/security-advisories
https://www.us-cert.gov/ics/advisories/ICSA-20-142-01

Products affected by CVE-2020-9045

Tyco » Victor Video Management System » Version: 5.2

cpe:2.3:a:tyco:victor_video_management_system:5.2
Johnsoncontrols » C-Cure 9000 Firmware » Version: 2.70

cpe:2.3:o:johnsoncontrols:c-cure_9000_firmware:2.70

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-9045

Products

Pricing

Contact Us