Bosch Fsm-2500 vulnerabilities
2 known vulnerabilities affecting bosch/fsm-2500.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2020-6779P2CRITICALCVSS 10.0≥ unspecified, ≤ 5.22021-01-26
CVE-2020-6779 [CRITICAL] CWE-798 CVE-2020-6779: Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up
Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges. This may result in complete compromise of the confidentiality and integrity of the stored data as well as a high availability impact
nvd
CVE-2020-6780P4MEDIUMCVSS 4.9≥ unspecified, ≤ 5.22021-01-26
CVE-2020-6780 [MEDIUM] CWE-916 CVE-2020-6780: Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server
Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump the credentials of other users and possibly recover their plain-text passwords by brute-forcing the MD5 hash.
nvd