CVE-2020-29027

Published Feb 16, 2021

Last updated 4 years ago

CVSS medium 5.4

Overview

Description: Cross-site Scripting (XSS) vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. This issue affects: Secomea SiteManager all versions prior to 9.3.
Source: VulnerabilityReporting@secomea.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.4
Impact score: 2.7
Exploitability score: 2.3
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 3.5
Impact score: 2.9
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79
VulnerabilityReporting@secomea.com: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:secomea:sitemanager_1129_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C0FAD6E-F83E-4FCC-974E-234AFF0F6B3B",
            "versionEndExcluding": "9.2c"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:secomea:sitemanager_1129:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "29BFC1D6-82B6-4E20-BBFB-63F33373D78B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:secomea:sitemanager_1139_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8205A78B-7823-4510-A336-317F4913895A",
            "versionEndExcluding": "9.2c"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:secomea:sitemanager_1139:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "856E0FE1-D1FD-47A3-8DE0-A12F6FBD60E8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:secomea:sitemanager_1149_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B441D7BD-9E88-427D-AF68-55ABE1ECAFFA",
            "versionEndExcluding": "9.2c"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:secomea:sitemanager_1149:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "060DA5EF-B6FE-4E02-B0A5-EAAF5CF5AC35"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:secomea:sitemanager_3329_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A6940E9-7E5E-4464-A173-5D841C01A372",
            "versionEndExcluding": "9.2c"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:secomea:sitemanager_3329:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6ABE08F2-C6D0-4CA3-99F4-0654653E7BF3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:secomea:sitemanager_3339_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29745914-FDC8-4409-B86C-CAF455D833BC",
            "versionEndExcluding": "9.2c"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:secomea:sitemanager_3339:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FF64F7DA-FD12-4231-B792-EF8F79B587CF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:secomea:sitemanager_3349_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69CE2E1A-A1B3-465B-8C49-1CCFF86AD440",
            "versionEndExcluding": "9.2c"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:secomea:sitemanager_3349:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8C7D7926-A5F5-46A1-A6B7-3C99130FA609"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:secomea:sitemanager_3529_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3FCD5A7-19E7-495B-9096-6B176AD2BC32",
            "versionEndExcluding": "9.2c"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:secomea:sitemanager_3529:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5C5F7D37-729C-4969-9661-C933C9F16980"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:secomea:sitemanager_3539_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2CBC771F-EB11-43FC-AC56-AA6BA36BBC61",
            "versionEndExcluding": "9.2c"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:secomea:sitemanager_3539:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1D26BFEA-056C-4760-8D10-A0DF3677DAD1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:secomea:sitemanager_3549_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2483D229-EE45-4103-833B-844E34EBB04C",
            "versionEndExcluding": "9.2c"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:secomea:sitemanager_3549:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A05A3825-9C8E-43EF-A2DC-F0B06694CCCD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References