CVE-2020-36530

SevOne Network Management System Alert Summary sql injection

CVSS 6.3 MEDIUMEPSS 0.8%CWE-89

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 6.3EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

03 Jun 2022Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A vulnerability classified as critical was found in SevOne Network Management System up to 5.7.2.22. This vulnerability affects the Alert Summary. The manipulation leads to sql injection. The attack can be initiated remotely.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Affected products

SevOne · Network Management System

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://seclists.org/fulldisclosure/2020/Oct/5 https://vuldb.com/?id.162262