Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2020-29127

Published: 30/11/2020 Updated: 03/12/2020
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 891
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Eternus Storage Dx200 S4 Firmware

Vulnerability Summary

An issue exists on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as a root user (using any web browser), the portal can be accessed with root privileges when the URI cgi-bin/csp?cspid={XXXXXXXXXX}&csppage=cgi_PgOverview&csplang=en is visited from a different web browser.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

fujitsu eternus_storage_dx200_s4_firmware

Exploits

Exploit DB: Fujitsu Eternus Storage DX200 S4 Broken Authentication
Fujitsu Eternus Storage DX200 S4 fails to set cookies for authentication allowing for replay of URLs to achieve root level privileges ...

Github Repositories

https://github.com/TURROKS/CVE_Prioritizer

Streamline vulnerability patching with CVSS, EPSS, and CISA's Known Exploited Vulnerabilities. Prioritize actions based on real-time threat information, gain a competitive advantage, and stay informed about the latest trends.

CVE Prioritizer Tool CVE_Prioritizer is a powerful tool that helps you prioritize vulnerability patching by combining CVSS, EPSS, and CISA's Known Exploited Vulnerabilities It provides valuable insights into the likelihood of exploitation and the potential impact of vulnerabilities on your information system Why Combine CVSS, EPSS, and CISA's KEV? CVE_Prioritizer le

https://github.com/infa-aksharma/Risklogyx

Risklogyx represents a robust solution that aids in the prioritization of vulnerability patching. It achieves this by amalgamating CVSS, EPSS, and CISA's Known Exploited Vulnerabilities data. This tool delivers invaluable insights into the probability of exploitation and the potential repercussions of vulnerabilities on your information system.

Risklogyx Risklogyx represents a robust solution that aids in the prioritization of vulnerability patching It achieves this by amalgamating CVSS, EPSS, and CISA's Known Exploited Vulnerabilities data This tool delivers invaluable insights into the probability of exploitation and the potential repercussions of vulnerabilities on your information system Installation Clo

References

CWE-287http://packetstormsecurity.com/files/160255/Fujitsu-Eternus-Storage-DX200-S4-Broken-Authentication.htmlhttps://www.first.org/members/teams/fujitsu_psirthttps://cxsecurity.com/issue/WLB-2020110215https://seccops.com/fujitsu-eternus-storage-dx200-s4-broken-authentication/https://nvd.nist.govhttps://github.com/TURROKS/CVE_Prioritizerhttps://packetstormsecurity.com/files/160255/Fujitsu-Eternus-Storage-DX200-S4-Broken-Authentication.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook