CVE-2020-19676

EPSS 0.38% · P59 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-19676

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Nacos 1.1.4 is affected by: Incorrect Access Control. An environment can be set up locally to get the service details interface. Then other Nacos service names can be accessed through the service list interface. Service details can then be accessed when not logged in. (detail:https://github.com/alibaba/nacos/issues/2284)

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Nacos 信息泄露漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

nacos是中国阿里巴巴（Alibaba）的一个动态服务发现、配置和服务管理平台。该软件支持基于 DNS 和基于 RPC 的服务发现，可提供提供实时健康检查，阻止服务向不健康的主机或服务实例发送请求等功能。 Nacos 1.1.4版本存在安全漏洞，攻击者可利用该漏洞可以在本地设置环境以获取服务详细信息界面。然后可以通过服务列表界面访问其他Nacos服务名称。未登录时即可访问服务详细信息。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2020-19676

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-19676

请登录查看更多情报信息。

https://github.com/alibaba/nacos/issues/2284x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2020-19676

Same Patch Batch · n/a · 2020-09-30 · 45 CVEs total

CVE-2020-26160	7.5 HIGH	jwt-go 安全漏洞
CVE-2020-14375		Ubuntu DPDK 代码问题漏洞
CVE-2020-13951		Apache OpenMeetings 安全漏洞
CVE-2020-25816		HashiCorp Vault和Vault Enterprise 安全漏洞
CVE-2020-25830		MantisBT 跨站脚本漏洞
CVE-2020-12870		RainbowFish PacsOne Server SQL注入漏洞
CVE-2020-12715		RainbowFish PacsOne Server 代码问题漏洞
CVE-2020-13952		Apache Superset 安全漏洞
CVE-2020-12869		RainbowFish PacsOne Server 跨站脚本漏洞
CVE-2020-25781		MantisBT 安全漏洞
CVE-2020-14376		Ubuntu DPDK 缓冲区错误漏洞
CVE-2020-14374		Ubuntu DPDK copy_data安全漏洞
CVE-2020-15849		desk2.3 SettingsController SQL注入漏洞
CVE-2020-15488		desk 代码问题漏洞
CVE-2020-15487		Desk SQL注入漏洞
CVE-2020-24721		Google Apple GAEN 安全漏洞
CVE-2020-19672		Niushop B2B2C 代码问题漏洞
CVE-2019-18991		Qualcomm 芯片和D-Link DWR-116授权问题漏洞
CVE-2019-18990		多款 Realtek 授权问题漏洞
CVE-2019-18989		Mediatek MT7620N 授权问题漏洞

Showing top 20 of 45 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2020-19676

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2020-19676

I. Basic Information for CVE-2020-19676

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-19676

III. Intelligence Information for CVE-2020-19676

Same Patch Batch · n/a · 2020-09-30 · 45 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2020-19676

Leave a comment