Unauthenticated User Manipulation in Symmetricom SyncServer Devices

Unauthenticated User Manipulation in Symmetricom SyncServer Devices

CVE-2020-9034 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices mishandle session validation, leading to unauthenticated creation, modification, or elimination of users.

Learn more about our Cis Benchmark Audit For Server Software.