CVE-2020-7508

Critical

A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older)…

schneider·CWE-307·Published 2020-06-16

CVSS

9.8

EPSS

0.01

KEV

Exploits

cve.orgen

205 chars

A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to gain full access by brute force.

NVDen

205 chars

NVDes

246 chars

Una CWE-307: Se presenta una vulnerabilidad de Restricción Inapropiada de Intentos de Autenticación Excesiva en Easergy T300 (versiones de Firmware 1.5.2 y anteriores) que podría permitir a un atacante conseguir acceso total mediante fuerza bruta

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H