CVE-2020-10552

Published: Feb 5, 2021Modified: Nov 21, 2024

8.1

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Exploitability: 2.8 / Impact: 5.2

Source: NVD

Description

An issue was discovered in Psyprax before 3.2.2. The Firebird database is accessible with the default user sysdba and password masterke after installation. This allows any user to access it and read and modify the contents, including passwords. Local database files can be accessed directly as well.

Affected (1)

Products: Psyprax: Psyprax

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Psyprax Psyprax	Before 3.2.2

Related CWEs

Initialization of a Resource with an Insecure Default

The product initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not secure.

References (2)

https://www.x41-dsec.de/lab/advisories/x41-2020-002-psyprax

Source: cve@mitre.org

Third Party Advisory

https://www.x41-dsec.de/lab/advisories/x41-2020-002-psyprax

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.