ID
VAR-202102-0392
CVE
CVE-2020-29022
TITLE
GateManager Web server Vulnerability in
Trust: 0.8
sources:
JVNDB: JVNDB-2020-011438
DESCRIPTION
Failure to Sanitize host header value on output in the GateManager Web server could allow an attacker to conduct web cache poisoning attacks. This issue affects Secomea GateManager all versions prior to 9.3. GateManager Web server Contains an unspecified vulnerability.Information may be obtained. Secomea GateManager is a remote access server product of Secomea, Denmark
Trust: 2.16
sources:
NVD: CVE-2020-29022 //
JVNDB: JVNDB-2020-011438 //
CNVD: CNVD-2021-18014
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2021-18014
AFFECTED PRODUCTS
| vendor: | secomea | model: | gatemanager 9250 | scope: | eq | version: | * | Trust: 1.0 |
| vendor: | secomea | model: | gatemanager 8250 | scope: | lt | version: | 9.3 | Trust: 1.0 |
| vendor: | secomea | model: | gatemanager 4260 | scope: | eq | version: | * | Trust: 1.0 |
| vendor: | secomea | model: | gatemanager 4250 | scope: | eq | version: | * | Trust: 1.0 |
| vendor: | b r industrial automation | model: | gatemanager 4250 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | b r industrial automation | model: | gatemanager 4260 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | b r industrial automation | model: | gatemanager 8250 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | b r industrial automation | model: | gatemanager 9250 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | secomea | model: | gatemanager | scope: | lt | version: | 9.3 | Trust: 0.6 |
sources:
CNVD: CNVD-2021-18014 //
JVNDB: JVNDB-2020-011438 //
NVD: CVE-2020-29022
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
CNVD: CNVD-2021-18014 //
JVNDB: JVNDB-2020-011438 //
CNNVD: CNNVD-202102-1222 //
NVD: CVE-2020-29022 //
NVD: CVE-2020-29022
PROBLEMTYPE DATA
| problemtype: | CWE-159 | Trust: 1.0 |
| problemtype: | NVD-CWE-noinfo | Trust: 1.0 |
| problemtype: | Lack of information (CWE-noinfo) [NVD Evaluation ] | Trust: 0.8 |
sources:
JVNDB: JVNDB-2020-011438 //
NVD: CVE-2020-29022
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202102-1222
TYPE
other
Trust: 0.6
sources:
CNNVD: CNNVD-202102-1222
PATCH
| title: | RD-2923 | url: | https://www.secomea.com/support/cybersecurity-advisory/#2923 | Trust: 0.8 |
| title: | Patch for Secomea GateManager has unspecified vulnerabilities | url: | https://www.cnvd.org.cn/patchInfo/show/253281 | Trust: 0.6 |
| title: | Sanitize and Secomea GateManager Security vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142418 | Trust: 0.6 |
sources:
CNVD: CNVD-2021-18014 //
JVNDB: JVNDB-2020-011438 //
CNNVD: CNNVD-202102-1222
EXTERNAL IDS
| db: | NVD | id: | CVE-2020-29022 | Trust: 3.0 |
| db: | JVNDB | id: | JVNDB-2020-011438 | Trust: 0.8 |
| db: | CNVD | id: | CNVD-2021-18014 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-202102-1222 | Trust: 0.6 |
sources:
CNVD: CNVD-2021-18014 //
JVNDB: JVNDB-2020-011438 //
CNNVD: CNNVD-202102-1222 //
NVD: CVE-2020-29022
REFERENCES
| url: | https://nvd.nist.gov/vuln/detail/cve-2020-29022 | Trust: 2.0 |
| url: | https://www.secomea.com/support/cybersecurity-advisory/#2923 | Trust: 1.6 |
sources:
CNVD: CNVD-2021-18014 //
JVNDB: JVNDB-2020-011438 //
CNNVD: CNNVD-202102-1222 //
NVD: CVE-2020-29022
SOURCES
| db: | CNVD | id: | CNVD-2021-18014 |
| db: | JVNDB | id: | JVNDB-2020-011438 |
| db: | CNNVD | id: | CNNVD-202102-1222 |
| db: | NVD | id: | CVE-2020-29022 |
LAST UPDATE DATE
2024-11-23T21:51:03.080000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2021-18014 | date: | 2021-03-16T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-011438 | date: | 2021-04-02T05:28:00 |
| db: | CNNVD | id: | CNNVD-202102-1222 | date: | 2021-03-09T00:00:00 |
| db: | NVD | id: | CVE-2020-29022 | date: | 2024-11-21T05:23:31.880 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2021-18014 | date: | 2021-03-16T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-011438 | date: | 2021-04-02T00:00:00 |
| db: | CNNVD | id: | CNNVD-202102-1222 | date: | 2021-02-16T00:00:00 |
| db: | NVD | id: | CVE-2020-29022 | date: | 2021-02-16T16:15:12.533 |