VDB-162262 · CVE-2020-36530 · GCVE-100-162262

SevOne Network Management System ଯେପର୍ଯ୍ୟନ୍ତ 5.7.2.22 Alert Summary SQL ଇଞ୍ଜେକ୍ସନ

Dogoggorri kan akka ଜଟିଳ jedhamuun ramadame SevOne Network Management System ଯେପର୍ଯ୍ୟନ୍ତ 5.7.2.22 keessatti argameera. Miidhaan irra gahe is hojii hin beekamne kutaa Alert Summary keessa. Dhugumatti jijjiirraa gara SQL ଇଞ୍ଜେକ୍ସନ geessa. Waliigalteewwan CWE fayyadamuun rakkoo ibsuun gara CWE-89 si geessa. Beekumsi kun yeroo 10/02/2020 ifoomsifameera kan ifoomsise Calvin Phang waliin SEC Consult Vulnerability Lab akka SEC Consult SA-20201002-0 akka Mailinglist Post. Odeeffannoon kun buufachuuf seclists.org irratti dhiyaateera. Beeksisni uummataaf gad-lakkifamuu gurgurtaa waliin waliigalteedhaan taasifameera. Dogoggorri kun maqaa CVE-2020-36530 jedhuun tajaajilama. Weerara fageenya irraa jalqabuun ni danda'ama. Odeeffannoon teeknikaa hin jiru. Akka dabalataan, meeshaa balaa kana fayyadamuuf argama. Yeroo ammaa, gatii exploit might be approx. USD $0-$5k beekamuu danda'a. ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ jedhamee murtaa’eera. Hanqinni kun guyyoota 59 ol tajaajila zero-day kan hin beekkaminitti fayyadamee ture. Waggaa 0-day ta'ee, gatiin isaa daldala dhoksaa keessatti $0-$5k jedhamee tilmaamame. Once again VulDB remains the best source for vulnerability data.

3 ଆଡାପ୍ଟେସନ୍ · 50 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 10/04/2020 01:08 PM	ଅଦ୍ୟତନ 1/2 10/04/2020 02:06 PM	ଅଦ୍ୟତନ 2/2 06/03/2022 08:32 PM
advisory_identifier	SEC Consult SA-20201002-0	SEC Consult SA-20201002-0	SEC Consult SA-20201002-0
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	M	M	M
cvss2_vuldb_ci	P	P	P
advisory_coordination	1	1	1
vulnerability_cwe	CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)	CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)	CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)
cvss3_vuldb_ui	N	N	N
cvss2_vuldb_au	S	S	S
company_website	https://www.sec-consult.com	https://www.sec-consult.com	https://www.sec-consult.com
exploit_publicity	0	0	0
developer_name	Calvin Phang	Calvin Phang	Calvin Phang
cvss2_vuldb_ii	P	P	P
software_name	Network Management System	Network Management System	Network Management System
company_name	SEC Consult Vulnerability Lab	SEC Consult Vulnerability Lab	SEC Consult Vulnerability Lab
cvss3_vuldb_rl	U	U	U
cvss2_vuldb_rl	U	U	U
person_name	Calvin Phang	Calvin Phang	Calvin Phang
company_website	https://www.sec-consult.com	https://www.sec-consult.com	https://www.sec-consult.com
cvss3_vuldb_rc	X	X	X
cvss2_vuldb_rc	ND	ND	ND
company_name	SEC Consult Vulnerability Lab	SEC Consult Vulnerability Lab	SEC Consult Vulnerability Lab
cvss3_vuldb_a	L	L	L
advisory_url	http://seclists.org/fulldisclosure/2020/Oct/5	http://seclists.org/fulldisclosure/2020/Oct/5	http://seclists.org/fulldisclosure/2020/Oct/5
advisory_type	Mailinglist Post	Mailinglist Post	Mailinglist Post
vulnerability_vendorinformdate	1596492000 (08/04/2020)	1596492000 (08/04/2020)	1596492000 (08/04/2020)
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	L	L	L
software_vendor	SevOne	SevOne	SevOne
cvss3_vuldb_av	N	N	N
cvss3_vuldb_c	L	L	L
cvss3_vuldb_e	X	X	X
advisory_date	1601589600 (10/02/2020)	1601589600 (10/02/2020)	1601589600 (10/02/2020)
software_version	<=5.7.2.22	<=5.7.2.22	<=5.7.2.22
vulnerability_risk	2	2	2
cvss3_vuldb_i	L	L	L
exploit_availability	1	1	1
exploit_wormified	0	0	0
cvss2_vuldb_e	ND	ND	ND
software_component	Alert Summary	Alert Summary	Alert Summary
cvss2_vuldb_ai	P	P	P
cvss3_vuldb_s		U	U
cvss2_vuldb_basescore		6.0	6.0
cvss2_vuldb_tempscore		6.0	6.0
cvss3_vuldb_basescore		6.3	6.3
cvss3_vuldb_tempscore		6.3	6.3
cvss3_meta_basescore		6.3	6.3
cvss3_meta_tempscore		6.3	6.3
price_0day		$0-$5k	$0-$5k
source_cve			CVE-2020-36530
cna_responsible			VulDB

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Do you know our Splunk app?

Download it now for free!