PT-2020-12806 · Programi · Programi Bilanc
Georg Ph E Heise · Published 2020-12-18 · Updated 2020-12-23
CVE-2020-11720
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Programi Bilanc build 007 release 014 31.01.2020 and possibly below
Description
An issue was discovered in Programi Bilanc where it sets up administrative access by default with the account admin and password 0000 during installation. After the installation, users/admins are not prompted to change this password.
Recommendations
For Programi Bilanc build 007 release 014 31.01.2020 and possibly below, consider changing the default administrative password 0000 to a strong password after installation to prevent unauthorized access. As a temporary workaround, restrict access to the administrative account admin until a more secure configuration can be implemented. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Using Hardcoded Credentials
Weakness Enumeration
Related Identifiers
Affected Products
Programi Bilanc