CVE-2020-6972

CVE-2020-6972

Vendor Honeywell
Product Notifier Web Server (NWS) Version 3.50 and earlier
Weakness CWE-294
Published March 24, 2020
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser.

Key dates

02Disclosure timeline

March 24, 2020 CVE published
August 4, 2024 Record updated

Related vulnerabilities

04Related CVE