Vulnerabilities > CVE-2020-12776 - Incorrect Authorization vulnerability in Openfind Mail2000 7.0

047910
CVSS 9.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
openfind
CWE-863
critical

Summary

Openfind Mail2000 contains Broken Access Control vulnerability, which can be used to execute unauthorized commands after attackers obtain the administrator access token or cookie.

Vulnerable Configurations

Part Description Count
Application
Openfind
1

Common Weakness Enumeration (CWE)