

Rewterz Threat Advisory – CVE-2020-3999 – VMware Multiple Products DoS Vulnerability
December 18, 2020
Rewterz Threat Alert – APT C-35 (Donot Team) Template Injection
December 18, 2020
Rewterz Threat Advisory – CVE-2020-3999 – VMware Multiple Products DoS Vulnerability
December 18, 2020
Rewterz Threat Alert – APT C-35 (Donot Team) Template Injection
December 18, 2020Severity
Medium
Analysis Summary
CVE-2020-27254
The affected products are vulnerable to improper authentication for accessing log and backup data, which could allow an attacker with a specially crafted URL to obtain access to sensitive information.
Impact
Information disclosure
Affected Vendors
Emerson
Affected Products
- X-STREAM enhanced XEGP – all revisions
- X-STREAM enhanced XEGK – all revisions
- X-STREAM enhanced XEFD – all revisions
- X-STREAM enhanced XEXF – all revisions
Remediation
Users are advised to update to a fixed version.