What is the CVSS score of CVE-2020-37115?

CVE-2020-37115 has a CVSS 3.1 base score of 6.5 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N. EPSS exploitation probability: 0.0%.

Which versions of Open Eclass Platform are affected by CVE-2020-37115?

CVE-2020-37115 presents notable security risk rated CVSS 6.5. Exploitation could compromise the security of affected deployments. Proof-of-concept code is publicly available.

Is there a public PoC exploit available for CVE-2020-37115?

Yes, a public proof-of-concept exploit is available for CVE-2020-37115. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2020-37115?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Open Eclass Platform CVE-2020-37115

MEDIUM

Plaintext Storage of a Password (CWE-256)

2026-02-03 disclosure@vulncheck.com

Authentication Bypass Open Eclass Platform

6.5

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

6.5 MEDIUM

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

PoC Detected

Feb 10, 2026 - 21:10 vuln.today

Public exploit code

CVE Published

Feb 03, 2026 - 18:16 nvd

MEDIUM 6.5

DescriptionCVE.org

GUnet OpenEclass 1.7.3 stores user credentials in plaintext, allowing administrators to view all registered users' usernames and passwords without encryption. This vulnerability exposes sensitive information and increases the risk of credential theft and unauthorized access.

AnalysisAI

Technical ContextAI

Affects Open Eclass Platform. GUnet OpenEclass 1.7.3 stores user credentials in plaintext, allowing administrators to view all registered users' usernames and passwords without encryption. This vulnerability exposes sensitive information and increases the risk of credential theft and unauthorized access.

RemediationAI

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

CVE-2020-37115 vulnerability details – vuln.today

Back

Open Eclass Platform CVE-2020-37115

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code