CVE-2020-10552

HIGH

Psyprax <3.2.2 - Info Disclosure

Title source: llm

Description

An issue was discovered in Psyprax before 3.2.2. The Firebird database is accessible with the default user sysdba and password masterke after installation. This allows any user to access it and read and modify the contents, including passwords. Local database files can be accessed directly as well.

References (1)

[Third Party Advisory] https://www.x41-dsec.de/lab/advisories/x41-2020-002-psyprax

Scores

CVSS v3 8.1

EPSS 0.0028

EPSS Percentile 51.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Details

CWE

CWE-1188

Status published

Products (1)

psyprax/psyprax < 3.2.2

Published Feb 05, 2021

Tracked Since Feb 18, 2026