CVE-2020-36530
MEDIUMSevOne Network Performance Management 5.7.2.0-5.7.2.22 - SQL Injection in Alert Summary
Title source: llmDescription
A vulnerability classified as critical was found in SevOne Network Management System up to 5.7.2.22. This vulnerability affects the Alert Summary. The manipulation leads to sql injection. The attack can be initiated remotely.
References (2)
Core 2
Core References
Exploit, Mailing List, Third Party Advisory x_refsource_misc
http://seclists.org/fulldisclosure/2020/Oct/5
Third Party Advisory, VDB Entry x_refsource_misc
https://vuldb.com/?id.162262
Scores
CVSS v3
6.3
EPSS
0.0078
EPSS Percentile
51.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-89
Status
published
Products (1)
ibm/sevone_network_performance_management
5.7.2.0 - 5.7.2.22
Published
Jun 07, 2022
Tracked Since
Feb 18, 2026