Lucene search

MitreCVELIST:CVE-2019-11847

HistoryAug 21, 2020 - 6:40 p.m.

CVE-2019-11847 ALEOS User Root Shell Escalation

2020-08-2118:40:24

mitre

www.cve.org

cve-2019-11847

aleos

user shell escalation

privilege management

command shell

root escalation

CVSS3

7.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

55.3%

JSON

An improper privilege management vulnerabitlity exists in ALEOS before 4.11.0, 4.9.4 and 4.4.9. An authenticated user can escalate to root via the command shell.

References

source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2020-004/

CVSS3

7.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

55.3%

JSON

Related for CVELIST:CVE-2019-11847