CVE-2020-21994

Description


AVE DOMINAplus <=1.10.x suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file '/xml/authClients.xml' and obtain administrative login information that allows for a successful authentication bypass attack.

Related CPE's


CvssV3 impact


Could not find any metrics

CvssV2 impact


Could not find any metrics