|
| |
| Unisys ID: |
UIS-2020-3 |
| Status: |
Published |
| CVE-ID: |
CVE-2020-24620 |
| Affected Product: |
Stealth Solution |
| Affected Version: |
4.0.02x and 4.0.131 |
| Impact: |
HIGH |
| CVSS v3.1 Base Score: |
7.7 |
| CVSS v3.1 Vector: |
AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:H/E:U/RL:O/RC:C
v3 Calculator |
| CVSS v2.0 Base Score: |
6.2 |
| CVSS v2.0 Vector: |
(AV:L/AC:L/Au:M/C:C/I:P/A:C)
v2 Calculator |
| CVSS Temporal Score: |
6.7 |
| Common Weakness Enumeration (CWE):  |
257 |
| Common Platform Enumeration (CPE):  |
cpe:2.3:a:unisys:stealth:4.0:*:*:*:*:*:*:* |
| Source: |
Internal Reported |
| Keyword(s): |
credentials |
| Vulnerability Description: |
| Search of Enterprise Manager can potentially reveal credentials |
| System Configuration: |
| Any Stealth configuration |
| Impact of Exploiting Vulnerability: |
| Potential for gaining access to the EM database |
| Remediation Description: |
| Please upgrade to Stealth 4.0.134 or higher. |
| Workaround Information: |
|
| References: |
| PLE 19279677 |
| Additional Vendor Comment: |
|