First published: Mon Feb 15 2021(Updated: )
An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2 There is a SSRF in the LDAP access check, allowing an attacker to scan for open ports.
Credit: info@cert.vde.com
Affected Software | Affected Version | How to fix |
---|---|---|
Mbconnectline Mbconnect24 | <=2.6.2 | |
Mbconnectline Mymbconnect24 | <=2.6.2 |
Update to v2.7.1
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-12529 is a vulnerability in MB connect line mymbCONNECT24 and mbCONNECT24 software, allowing an attacker to scan for open ports through SSRF in the LDAP access check.
The severity level of CVE-2020-12529 is medium, with a severity value of 5.3.
MB connect line mymbCONNECT24 and mbCONNECT24 software versions up to and including V2.6.2 are affected by CVE-2020-12529.
The Common Weakness Enumeration (CWE) ID associated with CVE-2020-12529 is CWE-918.
More information about CVE-2020-12529 can be found at the following reference: [https://cert.vde.com/de-de/advisories/vde-2021-003](https://cert.vde.com/de-de/advisories/vde-2021-003).