CVE-2020-36531

Description

A vulnerability, which was classified as critical, has been found in SevOne Network Management System up to 5.7.2.22. This issue affects the Device Manager Page. An injection leads to privilege escalation. The attack may be initiated remotely.

Related CPE's

aibmsevone_network_performance_management********

References

https://vuldb.com/?id.162263

Third Party AdvisoryVDB Entry

http://seclists.org/fulldisclosure/2020/Oct/5

Mailing ListThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

AccessComplexity

MEDIUM

ConfidentialityImpact

PARTIAL

AvailabilityImpact

PARTIAL

IntegrityImpact

PARTIAL

BaseScore

6

VectorString

AV:N/AC:M/Au:S/C:P/I:P/A:P

Version

2.0

AccessVector

NETWORK

Authentication

SINGLE

Created by Yello
About Severity.io