← back
CVE-2020-14494

CVE-2020-14494

EPSS 1.3%CWE-287
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
20 Jul 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
OpenClinic GA versions 5.09.02 and 5.89.05b contain an authentication mechanism within the system that does not provide sufficient complexity to protect against brute force attacks, which may allow unauthorized users to access the system after no more than a fixed maximum number of attempts.
Affected products
n/a · OpenClinic GA

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://us-cert.cisa.gov/ics/advisories/icsma-20-184-01