Vulnerability Details : CVE-2020-7119
A vulnerability exists in the Aruba Analytics and Location Engine (ALE) web management interface 2.1.0.2 and earlier firmware that allows an already authenticated administrative user to arbitrarily modify files as an underlying privileged operating system user.
Products affected by CVE-2020-7119
- Arubanetworks » Analytics And Location EngineVersions from including (>=) 2.1.0.0 and before (<) 2.1.0.3cpe:2.3:a:arubanetworks:analytics_and_location_engine:*:*:*:*:*:*:*:*
- cpe:2.3:a:arubanetworks:analytics_and_location_engine:2.0.0.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-7119
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 21 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-7119
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.0
|
MEDIUM | AV:N/AC:L/Au:S/C:N/I:P/A:N |
8.0
|
2.9
|
NIST | |
4.9
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N |
1.2
|
3.6
|
NIST |
References for CVE-2020-7119
Jump to