1. Home
  2. CVE Database
  3. CVE-2020-29055
MEDIUM · 5.9

CVE-2020-29055

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, ...

Vulnerability Description

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. By default, the appliance can be managed remotely only with HTTP, telnet, and SNMP. It doesn't support SSL/TLS for HTTP or SSH. An attacker can intercept passwords sent in cleartext and conduct man-in-the-middle attacks on the management of the appliance.

CVSS Score

5.9

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
Cdatatec72408A Firmware1.2.2
Cdatatec72408A-
Cdatatec9008A Firmware1.2.2
Cdatatec9008A-
Cdatatec9016A Firmware1.2.2
Cdatatec9016A-
Cdatatec92408A Firmware1.2.2
Cdatatec92408A-
Cdatatec92416A Firmware1.2.2
Cdatatec92416A-
Cdatatec9288 Firmware1.2.2
Cdatatec9288-
Cdatatec97016 Firmware1.2.2
Cdatatec97016-
Cdatatec97024P Firmware1.2.2
Cdatatec97024P-
Cdatatec97028P Firmware1.2.2
Cdatatec97028P-
Cdatatec97042P Firmware1.2.2
Cdatatec97042P-

Related Weaknesses (CWE)

CWE-319

References

FAQ

What is CVE-2020-29055?

CVE-2020-29055 is a vulnerability with a CVSS score of 5.9 (MEDIUM). An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, ...

How severe is CVE-2020-29055?

CVE-2020-29055 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-29055?

Check the references section above for vendor advisories and patch information. Affected products include: Cdatatec 72408A Firmware, Cdatatec 72408A, Cdatatec 9008A Firmware, Cdatatec 9008A, Cdatatec 9016A Firmware.