1. Home
  2. CVE Database
  3. CVE-2020-29021
LOW · 3.5

CVE-2020-29021

A vulnerability in web UI input field of GateManager allows authenticated attacker to enter script tags that could cause XSS. This issue affects: GateManager all versions prior to 9.3.

Vulnerability Description

A vulnerability in web UI input field of GateManager allows authenticated attacker to enter script tags that could cause XSS. This issue affects: GateManager all versions prior to 9.3.

CVSS Score

3.5

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE

Affected Products

VendorProductVersions
SecomeaGatemanager 8250 Firmware< 9.3
SecomeaGatemanager 8250-
SecomeaGatemanager 4250 FirmwareAll versions
SecomeaGatemanager 4250-
SecomeaGatemanager 4260 FirmwareAll versions
SecomeaGatemanager 4260-
SecomeaGatemanager 9250 FirmwareAll versions
SecomeaGatemanager 9250-

Related Weaknesses (CWE)

CWE-20CWE-79

References

FAQ

What is CVE-2020-29021?

CVE-2020-29021 is a vulnerability with a CVSS score of 3.5 (LOW). A vulnerability in web UI input field of GateManager allows authenticated attacker to enter script tags that could cause XSS. This issue affects: GateManager all versions prior to 9.3.

How severe is CVE-2020-29021?

CVE-2020-29021 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-29021?

Check the references section above for vendor advisories and patch information. Affected products include: Secomea Gatemanager 8250 Firmware, Secomea Gatemanager 8250, Secomea Gatemanager 4250 Firmware, Secomea Gatemanager 4250, Secomea Gatemanager 4260 Firmware.