exploitDog

CVE-2020-10553

Опубликовано: 05 фев. 2021

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

An issue was discovered in Psyprax before 3.2.2. The file %PROGRAMDATA%\Psyprax32\PPScreen.ini contains a hash for the lockscreen (aka screensaver) of the application. If that entry is removed, the lockscreen is no longer displayed and the app is no longer locked. All local users are able to modify that file.

Ссылки

https://www.x41-dsec.de/lab/advisories/x41-2020-002-psyprax
Third Party Advisory
https://www.x41-dsec.de/lab/advisories/x41-2020-002-psyprax
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:psyprax:psyprax:*:*:*:*:*:*:*:*

Версия до 3.2.2 (исключая)

EPSS

Процентиль: 13%

0.00043

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-732

Связанные уязвимости

GHSA-rr5j-hx3c-x5p5

github

больше 3 лет назад

An issue was discovered in Psyprax before 3.2.2. The file %PROGRAMDATA%\Psyprax32\PPScreen.ini contains a hash for the lockscreen (aka screensaver) of the application. If that entry is removed, the lockscreen is no longer displayed and the app is no longer locked. All local users are able to modify that file.

EPSS

Процентиль: 13%

0.00043

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-732