ID CVE-2020-12529
Summary An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2 There is a SSRF in the LDAP access check, allowing an attacker to scan for open ports.
References
Vulnerable Configurations
  • cpe:2.3:a:mbconnectline:mbconnect24:-:*:*:*:*:*:*:*
    cpe:2.3:a:mbconnectline:mbconnect24:-:*:*:*:*:*:*:*
  • cpe:2.3:a:mbconnectline:mbconnect24:2.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:mbconnectline:mbconnect24:2.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mbconnectline:mymbconnect24:-:*:*:*:*:*:*:*
    cpe:2.3:a:mbconnectline:mymbconnect24:-:*:*:*:*:*:*:*
  • cpe:2.3:a:mbconnectline:mymbconnect24:2.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:mbconnectline:mymbconnect24:2.6.1:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 09-03-2021 - 16:13)
Impact:
Exploitability:
CWE CWE-918
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
Last major update 09-03-2021 - 16:13
Published 02-03-2021 - 22:15
Last modified 09-03-2021 - 16:13
Back to Top