CVE-2020-8097
Summary
| CVE | CVE-2020-8097 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-08-30 21:15:00 UTC |
| Updated | 2020-09-04 16:50:00 UTC |
| Description | An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileged local attacker to escalate privileges or tamper with the product's security settings. This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.18.261. This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.18.261. Bitdefender Endpoint Security SDK versions prior to 6.6.18.261. |
Risk And Classification
Problem Types: CWE-287
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Bitdefender | Endpoint Security | All | All | All | All |
| Application | Bitdefender | Endpoint Security | All | All | All | All |
| Application | Bitdefender | Endpoint Security Tools | All | All | All | All |
| Application | Bitdefender | Endpoint Security Tools | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Improper authentication vulnerability in Bitdefender Endpoint Security Tools and Endpoint Security SDK (VA-8646) - Bitdefender | MISC | www.bitdefender.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
LEGACY: Nicolas VERDIER, Senior IT Security Consultant at Tehtris
There are currently no legacy QID mappings associated with this CVE.