Lucene search

PRIOn knowledge basePRION:CVE-2020-5147

HistoryJan 09, 2021 - 1:15 a.m.

Design/Logic Flaw

2021-01-0901:15:00

PRIOn knowledge base

www.prio-n.com

5.3 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

5.3 Medium

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

22.0%

JSON

SonicWall NetExtender Windows client vulnerable to unquoted service path vulnerability, this allows a local attacker to gain elevated privileges in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 10.2.300 and earlier.

CPENameOperatorVersion
netextenderle10.2.300

CPE	Name	Operator	Version
	netextender	le	10.2.300

References

packetstormsecurity.com/files/163857/SonicWall-NetExtender-10.2.0.300-Unquoted-Service-Path.html

psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0023

5.3 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

5.3 Medium

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

22.0%

JSON

Related for PRION:CVE-2020-5147