U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVSS v3.1 Statistics for Crafter CMS as of 10/10/2020

2
16
 
2
8
Reference
0-69.9%
Reference
50.0
Contributor
70-94.9%
 
Provider
95-100%
CVE CNA Value Alignment NIST Value Reason
CVE-2020-25802   (4 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) High Attack Complexity (AC) Low No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst
Privileges Required (PR) High Privileges Required (PR) High
User Interaction (UI) Required User Interaction (UI) None User Interaction not identified
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) None Confidentiality (C) High No limiting factors for confidentiality listed
Integrity (I) None Integrity (I) High No limiting factors for integrity listed
Availability (A) High Availability (A) High
CVE-2020-25803   (4 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) High Attack Complexity (AC) Low No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst
Privileges Required (PR) High Privileges Required (PR) High
User Interaction (UI) Required User Interaction (UI) None User Interaction not identified
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) None Confidentiality (C) High No limiting factors for confidentiality listed
Integrity (I) None Integrity (I) High No limiting factors for integrity listed
Availability (A) High Availability (A) High