CVE-2020-36531

MEDIUM

IBM Sevone Network Performance Management - Privilege Escalation

Title source: rule

Description

A vulnerability, which was classified as critical, has been found in SevOne Network Management System up to 5.7.2.22. This issue affects the Device Manager Page. An injection leads to privilege escalation. The attack may be initiated remotely.

References (2)

[Mailing List, Third Party Advisory] http://seclists.org/fulldisclosure/2020/Oct/5

[Third Party Advisory, VDB Entry] https://vuldb.com/?id.162263

Scores

CVSS v3 6.3

EPSS 0.0044

EPSS Percentile 63.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-74 CWE-1236

Status published

Products (1)

ibm/sevone_network_performance_management 5.7.2.0 - 5.7.2.22

Published Jun 07, 2022

Tracked Since Feb 18, 2026