Home
HIGH: 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:NHIGH: 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HDefault status
unaffected
0.0.0 (semver) before 2.20.2
affected
Default status
unaffected
0.0.0 (semver) before 2.20.2
affected
Default status
unaffected
2.20.1
affected
Default status
unaffected
2.20.1
affected
Description
An high privileged remote attacker can access a hidden configuration method, that should not be accessible by any user, to modify critical program parameters. This can result in a total loss of confidentiality, integrity and availability.
Problem types
CWE-425 Direct Request ('Forced Browsing')
Product status
0.0.0 (semver) before 2.20.2
0.0.0 (semver) before 2.20.2
2.20.1
2.20.1
References
www.certvde.com/en/advisories/VDE-2026-068/