CVE-2020-9045
Summary
| CVE | CVE-2020-9045 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-05-21 15:15:00 UTC |
| Updated | 2022-10-13 16:02:00 UTC |
| Description | During installation or upgrade to Software House C•CURE 9000 v2.70 and American Dynamics victor Video Management System v5.2, the credentials of the user used to perform the installation or upgrade are logged in a file. The install log file persists after the installation. |
Risk And Classification
Problem Types: CWE-312
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Johnsoncontrols | C-cure 9000 Firmware | 2.70 | All | All | All |
| Operating System | Johnsoncontrols | C-cure 9000 Firmware | 2.70 | All | All | All |
| Application | Swhouse | C-cure 9000 | 2.70 | All | All | All |
| Application | Swhouse | C-cure 9000 | 2.70 | All | All | All |
| Application | Tyco | Victor Video Management System | 5.2 | All | All | All |
| Application | Tyco | Victor Video Management System | 5.2 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Product Security Advisories | CONFIRM | www.johnsoncontrols.com | Patch, Vendor Advisory |
| Johnson Controls Software House C-CURE 9000 and American Dynamics victor VMS | CISA | CERT | www.us-cert.gov | Third Party Advisory, US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.