Vulnerability CVE-2020-36531


Published: 2022-06-07

Description:
A vulnerability, which was classified as critical, has been found in SevOne Network Management System up to 5.7.2.22. This issue affects the Device Manager Page. An injection leads to privilege escalation. The attack may be initiated remotely.

Type:

CWE-1236

CVSS2 => (AV:N/AC:M/Au:S/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6/10
6.4/10
6.8/10
Exploit range
Attack complexity
Authentication
Remote
Medium
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
IBM -> Sevone network performance management 

 References:
https://vuldb.com/?id.162263
http://seclists.org/fulldisclosure/2020/Oct/5

Copyright 2024, cxsecurity.com

 

Back to Top