CVE-2020-26076

A vulnerability in Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to view sensitive database information on an affected device. The vulnerability is due to the absence of authentication for sensitive information. An attacker could exploit this vulnerability by sending crafted curl commands to an affected device. A successful exploit could allow the attacker to view sensitive database information on the affected device.

Severity	HIGH
CVSS	7.5
EPSS	-
CWE	CWE-497
KEV
Published	5 years ago
Modified	1 year ago

Public Affected Products

Product	Advisory	Evidence
Cisco IoT Field Network Director (IoT-FND)	cisco-sa-FND-SSI-V2myWX9y	Cisco CSAF · structured affected