CVE-2020-9137
Severity
6.7MEDIUM
EPSS
0.0%
top 92.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 24
Latest updateMay 24
Description
There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800. Due to insufficient input validation, a local attacker with high privilege may execute some specially crafted scripts in the affected products. Successful exploit will cause privilege escalation.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9
Affected Packages4 packages
🔴Vulnerability Details
2GHSA▶
GHSA-2v2m-677r-5j24: There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800↗2022-05-24
CVEList▶
CVE-2020-9137: There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800↗2020-12-24