CVE-2020-26076 is a vulnerability in Cisco Iot Field Network Director
Published on November 18, 2020
Cisco IoT Field Network Director Information Disclosure Vulnerability
A vulnerability in Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to view sensitive database information on an affected device. The vulnerability is due to the absence of authentication for sensitive information. An attacker could exploit this vulnerability by sending crafted curl commands to an affected device. A successful exploit could allow the attacker to view sensitive database information on the affected device.
Weakness Type
Exposure of Sensitive System Information to an Unauthorized Control Sphere
The application does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the application does.
Products Associated with CVE-2020-26076
Want to know whenever a new CVE is published for Cisco Iot Field Network Director? stack.watch will email you.
Affected Versions
Cisco IoT Field Network Director (IoT-FND) Version n/a is affected by CVE-2020-26076Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.