November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Advisory – CVE-2020-3999 – VMware Multiple Products DoS Vulnerability
December 18, 2020Rewterz Threat Alert – APT C-35 (Donot Team) Template Injection
December 18, 2020Rewterz Threat Advisory – CVE-2020-3999 – VMware Multiple Products DoS Vulnerability
December 18, 2020Rewterz Threat Alert – APT C-35 (Donot Team) Template Injection
December 18, 2020
Severity
Medium
Analysis Summary
CVE-2020-27254
The affected products are vulnerable to improper authentication for accessing log and backup data, which could allow an attacker with a specially crafted URL to obtain access to sensitive information.
Impact
Information disclosure
Affected Vendors
Emerson
Affected Products
- X-STREAM enhanced XEGP – all revisions
- X-STREAM enhanced XEGK – all revisions
- X-STREAM enhanced XEFD – all revisions
- X-STREAM enhanced XEXF – all revisions
Remediation
Users are advised to update to a fixed version.