VDB
CVE-2020-15794
CVE-2020-15794
PUBLISHED
CVSS 4.300000190734863 MEDIUM
A vulnerability has been identified in Desigo Insight (All versions). Some error messages in the web application show the absolute path to the requested resource. This could allow an authenticated attacker to retrieve additional information about the host system.
EPSS 0.17% · 38.7th percentile
Risk Scores
CVSS 3.1
4.300000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.17%
38.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Desigo Insight | All versions |
| siemens | desigo_insight | 0, 6.0, 6.0 |
Exploit Intelligence
- skyformat99/dnsmasq-2.4.1-fix-CVE-2017-14491 (github-poc)
- skyformat99/dnsmasq-2.4.1-fix-CVE-2017-14491 (github-poc)
- skyformat99/dnsmasq-2.4.1-fix-CVE-2017-14491 (github-poc)
- skyformat99/dnsmasq-2.4.1-fix-CVE-2017-14491 (github-poc)
- https://cert-portal.siemens.com/productcert/pdf/ssa-226339.pdf (circl)
- https://us-cert.cisa.gov/ics/advisories/icsa-20-287-05 (circl)
Timeline
- Oct 15, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-384879.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-381684.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-226339.pdf advisory
- https://us-cert.cisa.gov/ics/advisories/icsa-20-287-05 url
- https://nvd.nist.gov/vuln/detail/CVE-2020-15794 advisory