CVE-2020-12000

CVE-2020-12000

Vendor N/A
Product Ignition 8 Gateway
Weakness CWE-502 · Unsafe deserialization
Published June 9, 2020
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

The affected product is vulnerable to the handling of serialized data. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway (versions prior to 8.0.10) and Ignition 7 Gateway (versions prior to 7.9.14), allowing an attacker to obtain sensitive information.

Key dates

02Disclosure timeline

June 9, 2020 CVE published
August 4, 2024 Record updated