{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80923?format=json","vulnerability_id":"VCID-b768-gzr4-fbge","summary":"foreman: world-readable OMAPI secret through the ISC DHCP server","aliases":[{"alias":"CVE-2020-14335"}],"fixed_packages":[],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102126?format=json","purl":"pkg:rpm/redhat/foreman@2.3.1.20-1?arch=el7sat","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1xgz-hwng-n3eq"},{"vulnerability":"VCID-31xv-z8c6-a7bg"},{"vulnerability":"VCID-6wbv-1r3c-akd3"},{"vulnerability":"VCID-895a-ydc5-zfg6"},{"vulnerability":"VCID-a6sp-18av-wya6"},{"vulnerability":"VCID-b768-gzr4-fbge"},{"vulnerability":"VCID-es1t-7196-4kbb"},{"vulnerability":"VCID-mnkw-23eu-bkgc"},{"vulnerability":"VCID-q4x5-bxn7-5yht"},{"vulnerability":"VCID-t684-yp58-hkg8"},{"vulnerability":"VCID-vhdm-w6p1-uuh9"},{"vulnerability":"VCID-yw62-qbkq-9ygq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/foreman@2.3.1.20-1%3Farch=el7sat"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14335.json","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14335.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14335","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28245","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28316","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28359","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.2815","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28216","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28259","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28264","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.2822","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28162","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28175","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28157","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28112","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28028","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27915","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27838","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14335"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1858302","reference_id":"1858302","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1858302"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1313","reference_id":"RHSA-2021:1313","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1313"}],"weaknesses":[{"cwe_id":200,"name":"Exposure of Sensitive Information to an Unauthorized Actor","description":"The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information."}],"exploits":[],"severity_range_score":"5.8 - 5.8","exploitability":"0.5","weighted_severity":"5.2","risk_score":2.6,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b768-gzr4-fbge"}