{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T15:09:36.303","vulnerabilities":[{"cve":{"id":"CVE-2020-28390","sourceIdentifier":"productcert@siemens.com","published":"2021-01-12T21:15:18.043","lastModified":"2024-11-21T05:22:42.313","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in Opcenter Execution Core (V8.2), Opcenter Execution Core (V8.3). The application contains an information leakage vulnerability in the handling of web client sessions. A local attacker who has access to the Web Client Session Storage could disclose the passwords of currently logged-in users."},{"lang":"es","value":"Se ha identificado una vulnerabilidad en Opcenter Execution Core (versión V8.2), Opcenter Execution Core (versión V8.3). La aplicación contiene una vulnerabilidad de filtrado de información en el manejo de sesiones de cliente web. Un atacante local que tenga acceso al almacenamiento de sesión del cliente web podría revelar las contraseñas de los usuarios que han iniciado sesión actualmente"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-522"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:opcenter_execution_core:8.2:*:*:*:*:*:*:*","matchCriteriaId":"19CF8C8B-5478-45C3-969F-9B3FD516F1FF"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:opcenter_execution_core:8.3:*:*:*:*:*:*:*","matchCriteriaId":"448F0FD8-736E-4432-8520-5516D86C768D"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdf","source":"productcert@siemens.com","tags":["Vendor Advisory"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-21-051/","source":"productcert@siemens.com","tags":["Not Applicable"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-21-051/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]}]}}]}