CVE-2020-5550 Information

Description

Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier and Enterprise Ver. 2.0.1 and earlier allows remote attackers to impersonate a registered user and log in the management console that may result in information alteration/disclosure via unspecified vectors.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Reference

https://jvn.jp/en/jp/JVN89224521/index.html https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/ https://www.plathome.co.jp/software/ipv6-v2-0-2/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

NONE

Base Severity

8.1