CVE-2020-12487
7
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Summary
Due to the flaws in the verification of input parameters, the attacker can input carefully constructed commands to make the ABE service execute some commands with root privilege.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| vivo | ABE | Versions earlier than 4.4.0.9 | affected |
Weaknesses
- CWE-20: CWE-20 Improper Input Validation
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.