CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-9048

A vulnerability in specified versions of American Dynamics victor Web Client and Software House CCURE Web Client could allow a remote unauthenticated attacker on the network to delete arbitrary files on the system or render the system unusable by conducting a Denial of Service attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 75.7%

CVSS Severity

CVSS v3 Score 7.1

CVSS v2 Score 7.8

References

https://us-cert.cisa.gov/ics/advisories/icsa-20-282-01
https://www.johnsoncontrols.com/cyber-solutions/security-advisories
https://us-cert.cisa.gov/ics/advisories/icsa-20-282-01
https://www.johnsoncontrols.com/cyber-solutions/security-advisories

Products affected by CVE-2020-9048

Johnsoncontrols » Victor Web Client » Version: Any

cpe:2.3:a:johnsoncontrols:victor_web_client:*
Tyco » C-Cure Web Client » Version: N/A

cpe:2.3:a:tyco:c-cure_web_client:-
Tyco » C-Cure Web Client » Version: 2.80

cpe:2.3:a:tyco:c-cure_web_client:2.80

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-9048

Products

Pricing

Contact Us