CVE-2020-21934 : An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360

An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where authentication to download the Syslog could be bypassed.

Published 2021-07-21 15:15:13

Updated 2022-06-28 14:11:45

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2020-21934

Motorola » Cx2 Firmware » Version: 1.0.2
cpe:2.3:o:motorola:cx2_firmware:1.0.2:*:*:*:*:*:*:*
Matching versions
When used together with: Motorola » CX2 » Version: N/A

EPSS FAQ

0.31%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 51 %

Percentile, the proportion of vulnerabilities that are scored at or less

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE-306 Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Assigned by: nvd@nist.gov (Primary)

Jump to