go to Content
:::

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::
Date:
Font-stze:

Unisoon UltraLog Express - Sensitive Data Exposure

TVN ID TVN-201911004
CVE ID CVE-2020-3921
CVSS 8.6 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Affected Products UltraLog Express ver 1.4.0
Description UltraLog Express device management software stores user’s information in cleartext. Any user can obtain accounts information through a specific page.
Solution Update to V1.5.0 or later version
Credit Alan Chung(NCCST)
Public Date 2020-03-27

Links

  1. CVE-2020-3921
Top