CVE-2020-36530

MEDIUM

SevOne Network Performance Management 5.7.2.0-5.7.2.22 - SQL Injection in Alert Summary

Title source: llm
STIX 2.1

Description

A vulnerability classified as critical was found in SevOne Network Management System up to 5.7.2.22. This vulnerability affects the Alert Summary. The manipulation leads to sql injection. The attack can be initiated remotely.

References (2)

Core 2
Core References
Exploit, Mailing List, Third Party Advisory x_refsource_misc
http://seclists.org/fulldisclosure/2020/Oct/5
Third Party Advisory, VDB Entry x_refsource_misc
https://vuldb.com/?id.162262

Scores

CVSS v3 6.3
EPSS 0.0078
EPSS Percentile 51.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-89
Status published
Products (1)
ibm/sevone_network_performance_management 5.7.2.0 - 5.7.2.22
Published Jun 07, 2022
Tracked Since Feb 18, 2026