CVE-2020-16280
MEDIUMRangeeOS 8.0.4 - Insufficiently Protected Credentials
Title source: llmDescription
Multiple Rangee GmbH RangeeOS 8.0.4 modules store credentials in plaintext including credentials of users for several external facing administrative services, domain joined users, and local administrators. To exploit the vulnerability a local attacker must have access to the underlying operating system.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://www.contextis.com/en/resources/advisories/cve-2020-16280
Scores
CVSS v3
5.5
EPSS
0.0026
EPSS Percentile
17.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-522
Status
published
Products (1)
rangee/rangeeos
8.0.4
Published
Aug 20, 2020
Tracked Since
Feb 18, 2026