Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
383
VMScore

CVE-2020-29055

Published: 24/11/2020 Updated: 11/03/2021
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Subscribe to 72408a Firmware

Vulnerability Summary

An issue exists on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. By default, the appliance can be managed remotely only with HTTP, telnet, and SNMP. It doesn't support SSL/TLS for HTTP or SSH. An attacker can intercept passwords sent in cleartext and conduct man-in-the-middle attacks on the management of the appliance.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cdatatec 72408a_firmware 1.2.2

cdatatec 72408a_firmware 2.4.03_000

cdatatec 72408a_firmware 2.4.04_001

cdatatec 72408a_firmware 2.4.05_000

cdatatec 9008a_firmware 1.2.2

cdatatec 9008a_firmware 2.4.03_000

cdatatec 9008a_firmware 2.4.04_001

cdatatec 9008a_firmware 2.4.05_000

cdatatec 9016a_firmware 1.2.2

cdatatec 9016a_firmware 2.4.03_000

cdatatec 9016a_firmware 2.4.04_001

cdatatec 9016a_firmware 2.4.05_000

cdatatec 92408a_firmware 1.2.2

cdatatec 92408a_firmware 2.4.03_000

cdatatec 92408a_firmware 2.4.04_001

cdatatec 92408a_firmware 2.4.05_000

cdatatec 92416a_firmware 1.2.2

cdatatec 92416a_firmware 2.4.03_000

cdatatec 92416a_firmware 2.4.04_001

cdatatec 92416a_firmware 2.4.05_000

cdatatec 9288_firmware 1.2.2

cdatatec 9288_firmware 2.4.03_000

cdatatec 9288_firmware 2.4.04_001

cdatatec 9288_firmware 2.4.05_000

cdatatec 97016_firmware 1.2.2

cdatatec 97016_firmware 2.4.03_000

cdatatec 97016_firmware 2.4.04_001

cdatatec 97016_firmware 2.4.05_000

cdatatec 97024p_firmware 1.2.2

cdatatec 97024p_firmware 2.4.03_000

cdatatec 97024p_firmware 2.4.04_001

cdatatec 97024p_firmware 2.4.05_000

cdatatec 97028p_firmware 1.2.2

cdatatec 97028p_firmware 2.4.03_000

cdatatec 97028p_firmware 2.4.04_001

cdatatec 97028p_firmware 2.4.05_000

cdatatec 97042p_firmware 1.2.2

cdatatec 97042p_firmware 2.4.03_000

cdatatec 97042p_firmware 2.4.04_001

cdatatec 97042p_firmware 2.4.05_000

cdatatec 97084p_firmware 1.2.2

cdatatec 97084p_firmware 2.4.03_000

cdatatec 97084p_firmware 2.4.04_001

cdatatec 97084p_firmware 2.4.05_000

cdatatec 97168p_firmware 1.2.2

cdatatec 97168p_firmware 2.4.03_000

cdatatec 97168p_firmware 2.4.04_001

cdatatec 97168p_firmware 2.4.05_000

cdatatec fd1002s_firmware 1.2.2

cdatatec fd1002s_firmware 2.4.03_000

cdatatec fd1002s_firmware 2.4.04_001

cdatatec fd1002s_firmware 2.4.05_000

cdatatec fd1104_firmware 1.2.2

cdatatec fd1104_firmware 2.4.03_000

cdatatec fd1104_firmware 2.4.04_001

cdatatec fd1104_firmware 2.4.05_000

cdatatec fd1104b_firmware 1.2.2

cdatatec fd1104b_firmware 2.4.03_000

cdatatec fd1104b_firmware 2.4.04_001

cdatatec fd1104b_firmware 2.4.05_000

cdatatec fd1104s_firmware 1.2.2

cdatatec fd1104s_firmware 2.4.03_000

cdatatec fd1104s_firmware 2.4.04_001

cdatatec fd1104s_firmware 2.4.05_000

cdatatec fd1104sn_firmware 1.2.2

cdatatec fd1104sn_firmware 2.4.03_000

cdatatec fd1104sn_firmware 2.4.04_001

cdatatec fd1104sn_firmware 2.4.05_000

cdatatec fd1108s_firmware 1.2.2

cdatatec fd1108s_firmware 2.4.03_000

cdatatec fd1108s_firmware 2.4.04_001

cdatatec fd1108s_firmware 2.4.05_000

cdatatec fd1204s-r2_firmware 1.2.2

cdatatec fd1204s-r2_firmware 2.4.03_000

cdatatec fd1204s-r2_firmware 2.4.04_001

cdatatec fd1204s-r2_firmware 2.4.05_000

cdatatec fd1204sn_firmware 1.2.2

cdatatec fd1204sn_firmware 2.4.03_000

cdatatec fd1204sn_firmware 2.4.04_001

cdatatec fd1204sn_firmware 2.4.05_000

cdatatec fd1204sn-r2_firmware 1.2.2

cdatatec fd1204sn-r2_firmware 2.4.03_000

cdatatec fd1204sn-r2_firmware 2.4.04_001

cdatatec fd1204sn-r2_firmware 2.4.05_000

cdatatec fd1208s-r2_firmware 1.2.2

cdatatec fd1208s-r2_firmware 2.4.03_000

cdatatec fd1208s-r2_firmware 2.4.04_001

cdatatec fd1208s-r2_firmware 2.4.05_000

cdatatec fd1216s-r1_firmware 1.2.2

cdatatec fd1216s-r1_firmware 2.4.03_000

cdatatec fd1216s-r1_firmware 2.4.04_001

cdatatec fd1216s-r1_firmware 2.4.05_000

cdatatec fd1608gs_firmware 1.2.2

cdatatec fd1608gs_firmware 2.4.03_000

cdatatec fd1608gs_firmware 2.4.04_001

cdatatec fd1608gs_firmware 2.4.05_000

cdatatec fd1608sn_firmware 1.2.2

cdatatec fd1608sn_firmware 2.4.03_000

cdatatec fd1608sn_firmware 2.4.04_001

cdatatec fd1608sn_firmware 2.4.05_000

cdatatec fd1616gs_firmware 1.2.2

cdatatec fd1616gs_firmware 2.4.03_000

cdatatec fd1616gs_firmware 2.4.04_001

cdatatec fd1616gs_firmware 2.4.05_000

cdatatec fd1616sn_firmware 1.2.2

cdatatec fd1616sn_firmware 2.4.03_000

cdatatec fd1616sn_firmware 2.4.04_001

cdatatec fd1616sn_firmware 2.4.05_000

cdatatec fd8000_firmware 1.2.2

cdatatec fd8000_firmware 2.4.03_000

cdatatec fd8000_firmware 2.4.04_001

cdatatec fd8000_firmware 2.4.05_000

References

CWE-319https://pierrekim.github.io/blog/2020-07-07-cdata-olt-0day-vulnerabilities.htmlhttps://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040privilege escalationCVE-2024-4112CVE-2024-32872man-in-the-middleCVE-2024-32788bypassCVE-2024-3400CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook