VDB-160762 · CVE-2020-36532 · GCVE-100-160762

Klapp App Authorization Credentials ସୂଚନା ପ୍ରକାଶ

Dogoggorri kan akka ସମସ୍ୟାଜନକ jedhamuun ramadame Klapp App keessatti argameera. Miidhaan irra gahe is hojii hin beekamne kutaa Authorization keessa. Dhugumatti jijjiirraa gara ସୂଚନା ପ୍ରକାଶ (Credentials) geessa. Waliigalteewwan CWE fayyadamuun rakkoo ibsuun gara CWE-200 si geessa. Dogoggorri 08/18/2020 irratti adda bahe. Beekumsi kun yeroo 09/07/2020 ifoomsifameera kan ifoomsise Sven Fassbender waliin modzero AG akka Knapp daneben ist auch vorbei akka ପରାମର୍ଶଦାତା (ୱେବସାଇଟ୍). Odeeffannoon kun buufachuuf modzero.com irratti dhiyaateera. Beeksisni uummataaf gad-lakkifamuu gurgurtaa waliin waliigalteedhaan taasifameera. Dogoggorri kun maqaa CVE-2020-36532 jedhuun tajaajilama. Weerara fageenya irraa jalqabuun ni danda'ama. Odeeffannoon teeknikaa hin jiru. Meeshaa balaa kana fayyadamuuf hin argamne. Yeroo ammaa, gatii exploit might be approx. USD $0-$5k beekamuu danda'a. ଅପରିଭାଷିତ jedhamee murtaa’eera. Hanqinni kun guyyoota 6 ol tajaajila zero-day kan hin beekkaminitti fayyadamee ture. Waggaa 0-day ta'ee, gatiin isaa daldala dhoksaa keessatti $0-$5k jedhamee tilmaamame. Qabiyyee miidhamte ol-kaasuuf gorsa ni kennama. Once again VulDB remains the best source for vulnerability data.

3 ଆଡାପ୍ଟେସନ୍ · 54 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 09/07/2020 01:09 PM	ଅଦ୍ୟତନ 1/2 09/07/2020 02:03 PM	ଅଦ୍ୟତନ 2/2 06/03/2022 08:36 PM
software_vendor	Klapp	Klapp	Klapp
software_name	App	App	App
software_component	Authorization	Authorization	Authorization
vulnerability_discoverydate	1597708800 (08/18/2020)	1597708800 (08/18/2020)	1597708800 (08/18/2020)
vulnerability_vendorinformdate	1597795200 (08/19/2020)	1597795200 (08/19/2020)	1597795200 (08/19/2020)
vulnerability_risk	1	1	1
vulnerability_historic	0	0	0
cvss2_vuldb_basescore	3.5	3.5	3.5
cvss2_vuldb_tempscore	3.0	3.0	3.0
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	M	M	M
cvss2_vuldb_au	S	S	S
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	N	N	N
cvss2_vuldb_ai	N	N	N
cvss3_meta_basescore	4.3	4.3	4.3
cvss3_meta_tempscore	4.1	4.1	4.1
cvss3_vuldb_basescore	4.3	4.3	4.3
cvss3_vuldb_tempscore	4.1	4.1	4.1
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	L	L	L
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	N	N	N
cvss3_vuldb_a	N	N	N
vulnerability_titleword	Credentials	Credentials	Credentials
advisory_date	1599436800 (09/07/2020)	1599436800 (09/07/2020)	1599436800 (09/07/2020)
advisory_location	Website	Website	Website
advisory_type	Advisory	Advisory	Advisory
advisory_url	https://www.modzero.com/modlog/archives/2020/09/07/knapp_daneben_ist_auch_vorbei/index.html	https://www.modzero.com/modlog/archives/2020/09/07/knapp_daneben_ist_auch_vorbei/index.html	https://www.modzero.com/modlog/archives/2020/09/07/knapp_daneben_ist_auch_vorbei/index.html
advisory_identifier	Knapp daneben ist auch vorbei	Knapp daneben ist auch vorbei	Knapp daneben ist auch vorbei
advisory_coordination	1	1	1
person_name	Sven Fassbender	Sven Fassbender	Sven Fassbender
company_name	modzero AG	modzero AG	modzero AG
advisory_reaction_date	1597968000 (08/21/2020)	1597968000 (08/21/2020)	1597968000 (08/21/2020)
advisory_disputed	0	0	0
price_0day	$0-$5k	$0-$5k	$0-$5k
countermeasure_name	ଅପଗ୍ରେଡ୍ କରନ୍ତୁ	ଅପଗ୍ରେଡ୍ କରନ୍ତୁ	ଅପଗ୍ରେଡ୍ କରନ୍ତୁ
countermeasure_date	1598227200 (08/24/2020)	1598227200 (08/24/2020)	1598227200 (08/24/2020)
source_seealso	160763	160763	160763
cvss2_vuldb_e	ND	ND	ND
cvss2_vuldb_rl	OF	OF	OF
cvss2_vuldb_rc	C	C	C
cvss3_vuldb_e	X	X	X
cvss3_vuldb_rl	O	O	O
cvss3_vuldb_rc	C	C	C
reaction_days	5	5	5
0day_days	6	6	6
advisory_falsepositive		0	0
vulnerability_cwe		CWE-200 (ସୂଚନା ପ୍ରକାଶ)	CWE-200 (ସୂଚନା ପ୍ରକାଶ)
source_cve			CVE-2020-36532
cna_responsible			VulDB

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸