CVE-2020-10620

IMPROPER AUTHORIZATION CWE-285
SoftPAC communication does not include any credentials. This allows an attacker with network access to directly communicate with SoftPAC, including, for example, stopping the service remotely.

Risk Information

  • CVE ID
  • CVE-2020-10620
  • Vendor
  • Opto22
  • Product
  • SoftPAC
  • CVSS v3
  • 9.8