← Voltar para CVEs
CVE-2020-36946
HIGH7.5
Descricao
SyncBreeze 10.0.28 contains a denial of service vulnerability in the login endpoint that allows remote attackers to crash the service. Attackers can send an oversized payload in the login request to overwhelm the application and potentially disrupt service availability.
Detalhes CVE
Pontuacao CVSS v3.17.5
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado1/27/2026
Ultima modificacao3/24/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
flexense:syncbreeze
Fraquezas (CWE)
CWE-770
Referencias
http://www.syncbreeze.com(disclosure@vulncheck.com)
https://www.exploit-db.com/exploits/49291(disclosure@vulncheck.com)
https://www.vulncheck.com/advisories/syncbreeze-login-denial-of-service(disclosure@vulncheck.com)
https://www.exploit-db.com/exploits/49291(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.