What is CVE-2020-29031?

CVE-2020-29031 is a high-severity vulnerability in Secomea Gatemanager, classified under Improper Handling of Insufficient Permissions or Privileges. CVSS score: 7.1/10. Published 2021-02-15.

How severe is CVE-2020-29031?

High severity. CVSS v3 base score is 7.1 out of 10.

Vulnerability in Secomea Gatemanager

CVE-2020-29031

An Insecure Direct Object Reference vulnerability exists in the web UI of the GateManager which allows an authenticated attacker to reset the password of any user in its domain or any sub-domain, via escalation of privileges. This issue af…

EPSS: 0.002 (44.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.1 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N.

Affected products

Secomea Gatemanager — versions All

Weakness classification (CWE)

CWE-280 — Improper Handling of Insufficient Permissions or Privileges

References

www.secomea.com/support/cybersecurity-advisory/ (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-29031?: CVE-2020-29031 is a high-severity vulnerability in Secomea Gatemanager, classified under Improper Handling of Insufficient Permissions or Privileges. CVSS score: 7.1/10. Published 2021-02-15.
How severe is CVE-2020-29031?: High severity. CVSS v3 base score is 7.1 out of 10.