CVE-2020-10285

Critical

The authentication implementation on the xArm controller has very low entropy, making it vulnerable to a brute-force attack. There is no…

Alias·CWE-307·Published 2020-07-15

CVSS

9.8

EPSS

0.01

KEV

Exploits

cve.orgen

213 chars

The authentication implementation on the xArm controller has very low entropy, making it vulnerable to a brute-force attack. There is no mechanism in place to mitigate or lockout automated attempts to gain access.

NVDen

213 chars

NVDes

233 chars

La implementación de autenticación en el controlador xArm presenta una entropía muy baja, haciéndole vulnerable a un ataque de fuerza bruta. No posee un mecanismo para mitigar o bloquear los intentos automatizados de conseguir acceso

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.0	Primary	cve.org	9.4	—	—	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H