CVE-2020-23162

Severity CVSS v4.0:
Pending analysis
Type:
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
Publication date:
26/01/2021
Last modified:
21/07/2021

Description

Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices before 10.04k allows remote attackers to read a session-file and obtain plain-text user credentials.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:pyres:termod4_firmware:*:*:*:*:*:*:*:* 10.04k (excluding)
cpe:2.3:h:pyres:termod4:-:*:*:*:*:*:*:*