CVE-2020-11919

An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. There is no CSRF protection.

CVSS v3 8.0 HIGH

8.0^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.1 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://seclists.org/fulldisclosure/2024/Jul/14	Mailing List Third Party Advisory Exploit

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:svakom:svakom_siime_eye_firmware:14.1.00000001.3.330.0.0.3.14:*:*:*:*:*:*:*

cpe:2.3:h:svakom:svakom_siime_eye:-:*:*:*:*:*:*:*

History

24 Apr 2025, 13:42

Type	Values Removed	Values Added
References	~~() https://seclists.org/fulldisclosure/2024/Jul/14 -~~	() https://seclists.org/fulldisclosure/2024/Jul/14 - Mailing List, Third Party Advisory, Exploit
First Time		Svakom Svakom svakom Siime Eye Firmware Svakom svakom Siime Eye
CPE		cpe:2.3:o:svakom:svakom_siime_eye_firmware:14.1.00000001.3.330.0.0.3.14:::::::* cpe:2.3:h:svakom:svakom_siime_eye:-:::::::*

08 Nov 2024, 19:01

Type	Values Removed	Values Added
Summary		(es) Se descubrió un problema en Siime Eye 14.1.00000001.3.330.0.0.3.14. No hay protección CSRF.

07 Nov 2024, 21:35

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~8.8~~	v2 : unknown v3 : 8.0

07 Nov 2024, 19:35

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 8.8
CWE		CWE-352

07 Nov 2024, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-07 18:15

Updated : 2025-04-24 13:42

NVD link : CVE-2020-11919

Mitre link : CVE-2020-11919

CVE.ORG link : CVE-2020-11919

JSON object : View

Products Affected

svakom

svakom_siime_eye_firmware
svakom_siime_eye

CWE

CWE-352

Cross-Site Request Forgery (CSRF)

8.0 /10