CVE-2020-25162

High

A XPath injection vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions…

icscert·CWE-643·Published 2022-04-14

CVSS

7.5

EPSS

0.02

KEV

Exploits

cve.orgen

248 chars

A XPath injection vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows unauthenticated remote attackers to access sensitive information and escalate privileges.

NVDen

248 chars

NVDes

258 chars

Una vulnerabilidad de inyección XPath en B. Braun Melsungen AG SpaceCom Versiones L81/U61 y anteriores, y el módulo de Datos compactplus Versiones A10 y A11, permite a atacantes remotos no autenticados acceder a información confidencial y escalar privilegios

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.8	10.0	6.9	AV:N/AC:L/Au:N/C:C/I:N/A:N
3.1	Primary	cve.org	7.5	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N