Vulnerability Description
Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier allows remote attackers to impersonate a registered user and log in the management console, that may result in information alteration/disclosure via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Plathome | Easyblocks Ipv6 Firmware | <= 2.0.1 |
| Plathome | Easyblocks Ipv6 | - |
| Plathome | Easyblocks Ipv6 Enterprise Firmware | <= 2.0.1 |
| Plathome | Easyblocks Ipv6 Enterprise | - |
Related Weaknesses (CWE)
References
- https://jvn.jp/en/jp/JVN89224521/index.htmlThird Party Advisory
- https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/Release NotesVendor Advisory
- https://www.plathome.co.jp/software/ipv6-v2-0-2/Release NotesVendor Advisory
- https://jvn.jp/en/jp/JVN89224521/index.htmlThird Party Advisory
- https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/Release NotesVendor Advisory
- https://www.plathome.co.jp/software/ipv6-v2-0-2/Release NotesVendor Advisory
FAQ
What is CVE-2020-5550?
CVE-2020-5550 is a vulnerability with a CVSS score of 8.1 (HIGH). Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier allows remote attackers to impersonate a registered user and log in the management conso...
How severe is CVE-2020-5550?
CVE-2020-5550 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-5550?
Check the references section above for vendor advisories and patch information. Affected products include: Plathome Easyblocks Ipv6 Firmware, Plathome Easyblocks Ipv6, Plathome Easyblocks Ipv6 Enterprise Firmware, Plathome Easyblocks Ipv6 Enterprise.