CVE advisoryKnown Exploit
CVE-2020-8657
EyesOfNetwork API Key Vulnerability Allows Unauthorized Access.
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
An EyesOfNetwork installation contains a hardcoded API key that allows unauthorized access, enabling attackers to calculate the administrative access token. This can lead to unauthorized administrative control over the system. Organizations face business risk from potential data compromise and system disruption.