CVE-2020-8232

Published: Aug 17, 2020Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

An information disclosure vulnerability exists in EdgeMax EdgeSwitch firmware v1.9.0 that allowed read only users could obtain unauthorized information through SNMP community pages.

Affected (1)

Products: Ui: Edgeswitch Firmware

1 product

Edgeswitch Firmware

Configuration A

1 vulnerable · 11 platform

Vulnerable Software	Affected Versions
Ui Edgeswitch Firmware	Before 1.9.0

Running on/with	Platform Versions
Ui Ep 16 Xg	All versions
Ui Ep S16	All versions
Ui Es 12f	All versions
Ui Es 16 150w	All versions
Ui Es 24 250w	All versions
Ui Es 24 500w	All versions
Ui Es 24 Lite	All versions
Ui Es 48 500w	All versions
Ui Es 48 750w	All versions
Ui Es 48 Lite	All versions
Ui Es 8 150w	All versions

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

https://community.ui.com/releases/EdgeMAX-EdgeSwitch-Firmware-v1-9-1-v1-9-1/8a87dfc5-70f5-4055-8d67-570db1f5695c

Source: support@hackerone.com

PatchRelease NotesVendor Advisory

https://community.ui.com/releases/Security-advisory-bulletin-014-014/1c32c056-2c64-4e60-ac23-ce7d8f387821

Source: support@hackerone.com

Vendor Advisory

https://www.ui.com/download/edgemax

Source: support@hackerone.com

Product

https://community.ui.com/releases/EdgeMAX-EdgeSwitch-Firmware-v1-9-1-v1-9-1/8a87dfc5-70f5-4055-8d67-570db1f5695c

Source: af854a3a-2127-422b-91ae-364da2661108

PatchRelease NotesVendor Advisory

https://community.ui.com/releases/Security-advisory-bulletin-014-014/1c32c056-2c64-4e60-ac23-ce7d8f387821

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.ui.com/download/edgemax

Source: af854a3a-2127-422b-91ae-364da2661108

Product

Timeline

No history available yet.