CVE-2020-8097
published 2020-08-30CVE-2020-8097: An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileged local…
PriorityP339high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.40%
31.8th percentile
An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileged local attacker to escalate privileges or tamper with the product's security settings. This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.18.261. This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.18.261. Bitdefender Endpoint Security SDK versions prior to 6.6.18.261.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bitdefender | endpoinit_security_tools_for_windows | >= unspecified < 6.6.18.261 | 6.6.18.261 |
| bitdefender | endpoint_security | < 6.6.18.261 | 6.6.18.261 |
| bitdefender | endpoint_security_sdk | >= unspecified < 6.6.18.261 | 6.6.18.261 |
| bitdefender | endpoint_security_tools | < 6.6.18.261 | 6.6.18.261 |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat6.7MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-hjj8-487v-3m8m: An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileg
ghsa_unreviewed·2022-05-24
CVE-2020-8097 [MEDIUM] GHSA-hjj8-487v-3m8m: An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileg
An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileged local attacker to escalate privileges or tamper with the product's security settings. This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.18.261. This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.18.261. Bitdefender Endpoint Security SDK versions prior to 6.6.18.261.
Red Hat
payara: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Payara
vendor_redhat·2024-09-11·CVSS 6.7
CVE-2024-8097 [MEDIUM] CWE-200 payara: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Payara
payara: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Payara
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Payara Platform Payara Server (Logging modules) allows Sensitive credentials posted in plain-text on the server log.This issue affects Payara Server: from 6.0.0 before 6.18.0, from 6.2022.1 before 6.2024.9, from 5.20.0 before 5.67.0, from 5.2020.2 before 5.2022.5, from 4.1.2.191.0 before 4.1.2.191.50.
An exposure of sensitive information flaw via an unauthorized actor vulnerability was found in the Payara Platform Payara Server (logging modules). This issue allows sensitive credentials to be posted in plain text on the server log.
Mitigation: Mitigation for this issue is either not available or the currently available opti
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://www.bitdefender.com/support/security-advisories/improper-authentication-vulnerability-bitdefender-endpoint-security-tools-endpoint-security-sdk-va-8646https://www.bitdefender.com/support/security-advisories/improper-authentication-vulnerability-bitdefender-endpoint-security-tools-endpoint-security-sdk-va-8646
2020-08-30
Published