Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-36968

Опубликовано: 28 янв. 2026
Источник: nvd
CVSS3: 6.5
EPSS Низкий

Описание

M/Monit 3.7.4 contains an authentication vulnerability that allows authenticated attackers to retrieve user password hashes through an administrative API endpoint. Attackers can send requests to the /api/1/admin/users/list and /api/1/admin/users/get endpoints to extract MD5 password hashes for all users.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:tildeslash:m\/monit:3.7.4:*:*:*:*:*:*:*

EPSS

Процентиль: 32%
0.00128
Низкий

6.5 Medium

CVSS3

Дефекты

CWE-522

Связанные уязвимости

ubuntu логотип

CVE-2020-36968

CVSS3: 6.5
ubuntu
10 дней назад

M/Monit 3.7.4 contains an authentication vulnerability that allows authenticated attackers to retrieve user password hashes through an administrative API endpoint. Attackers can send requests to the /api/1/admin/users/list and /api/1/admin/users/get endpoints to extract MD5 password hashes for all users.

debian логотип

CVE-2020-36968

CVSS3: 6.5
debian
10 дней назад

M/Monit 3.7.4 contains an authentication vulnerability that allows aut ...

github логотип

GHSA-r4vc-qvp9-9h22

CVSS3: 6.5
github
10 дней назад

M/Monit 3.7.4 contains an authentication vulnerability that allows authenticated attackers to retrieve user password hashes through an administrative API endpoint. Attackers can send requests to the /api/1/admin/users/list and /api/1/admin/users/get endpoints to extract MD5 password hashes for all users.

EPSS

Процентиль: 32%
0.00128
Низкий

6.5 Medium

CVSS3

Дефекты

CWE-522