CVE-2020-7514Use of a Broken or Risky Cryptographic Algorithm in Easergy Builder

CWE-327Use of a Broken or Risky Cryptographic Algorithm3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 92.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Schneider-electric Easergy Builder
Timeline
PublishedJul 23
Latest updateMay 24

Description

A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker access to the authorization credentials for a device and gain full access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-9cxm-8wwv-f396: A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy Builder (Version 12022-05-24
CVEList
CVE-2020-7514: A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy Builder (Version 12020-07-23
CVE-2020-7514 — Easergy Builder vulnerability | cvebase