|Impact||CVSS V3 rating: 7.5 (HIGH)|
|Reported on||12th April 2020|
|Reported by||@kuncho, an independent Security Researcher|
|Fixed on||20th April 2020|
|Affected Builds||→ Builds 12.3.xxx - 12.4.195
→ Build 12.5.000 - 12.5.119
|Fixed in||Build 12.4.196, 12.5.120|
|Overview||Unauthenticated access to API key disclosure from a servlet call|
→ For builds 12.3.xxx - 12.4.195, please upgrade to Firewall Analyzer version 12.4.196.
→ For Builds 12.5.000 - 12.5.119, please upgrade to Firewall Analyzer version 12.5.120.
Unauthenticated access to API key disclosure from a servlet call.
We recommend that you upgrade to Firewall Analyzer version 12.4.196 / Firewall Analyzer version 12.5.120 (for builds 125000 - 125119) or contact our support team at firstname.lastname@example.org to fix the issue.
Source and Acknowledgements
Find out more about CVE-2020-11946 from the CVE dictionary.