CVE-2020-25250

Published: Sep 11, 2020Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. Client applications can write arbitrary data to the server logs.

Affected (5)

Products: Hyland: Onbase

Hyland

1 product

Onbase

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Hyland Onbase	Up to 16.0.2.83
Hyland Onbase	From 17.0.0.0 to 17.0.2.109
Hyland Onbase	From 18.0.0.0 to 18.0.0.37
Hyland Onbase	From 19.0.0.0 to 19.8.16.1000
Hyland Onbase	From 20.0.0.0 to 20.3.10.1000

References (2)

https://seclists.org/fulldisclosure/2020/Sep/8

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://seclists.org/fulldisclosure/2020/Sep/8

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

Timeline

No history available yet.