PT-2020-16036 · Hyland · Hyland Onbase

Published

2020-09-11

Updated

2022-06-30

CVE-2020-25250

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Hyland OnBase versions 16.0.2.83 and below Hyland OnBase versions 17.0.2.109 and below Hyland OnBase versions 18.0.0.37 and below Hyland OnBase versions 19.8.16.1000 and below Hyland OnBase versions 20.3.10.1000 and below

Description An issue allows client applications to write arbitrary data to the server logs.

Recommendations For versions 16.0.2.83 and below, update to a version above 16.0.2.83. For versions 17.0.2.109 and below, update to a version above 17.0.2.109. For versions 18.0.0.37 and below, update to a version above 18.0.0.37. For versions 19.8.16.1000 and below, update to a version above 19.8.16.1000. For versions 20.3.10.1000 and below, update to a version above 20.3.10.1000.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-25250

Affected Products

Hyland Onbase

PT-2020-16036 · Hyland · Hyland Onbase

CVE-2020-25250

Related Identifiers

Affected Products

References · 3