CVE-2020-5723

CVE-2020-5723

Vendor N/A
Product Grandstream UCM6200 series
Weakness CWE-312 · Cleartext storage
Published March 30, 2020
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

The UCM6200 series 1.0.20.22 and below stores unencrypted user passwords in an SQLite database. This could allow an attacker to retrieve all passwords and possibly gain elevated privileges.

Key dates

02Disclosure timeline

March 30, 2020 CVE published
August 4, 2024 Record updated