{"containers":{"cna":{"affected":[{"product":"Network Management System","vendor":"SevOne","versions":[{"status":"affected","version":"5.7.2.0"},{"status":"affected","version":"5.7.2.1"},{"status":"affected","version":"5.7.2.2"},{"status":"affected","version":"5.7.2.3"},{"status":"affected","version":"5.7.2.4"},{"status":"affected","version":"5.7.2.5"},{"status":"affected","version":"5.7.2.6"},{"status":"affected","version":"5.7.2.7"},{"status":"affected","version":"5.7.2.8"},{"status":"affected","version":"5.7.2.9"},{"status":"affected","version":"5.7.2.10"},{"status":"affected","version":"5.7.2.11"},{"status":"affected","version":"5.7.2.12"},{"status":"affected","version":"5.7.2.13"},{"status":"affected","version":"5.7.2.14"},{"status":"affected","version":"5.7.2.15"},{"status":"affected","version":"5.7.2.16"},{"status":"affected","version":"5.7.2.17"},{"status":"affected","version":"5.7.2.18"},{"status":"affected","version":"5.7.2.19"},{"status":"affected","version":"5.7.2.20"},{"status":"affected","version":"5.7.2.21"},{"status":"affected","version":"5.7.2.22"}]}],"credits":[{"lang":"en","value":"Calvin Phang"}],"descriptions":[{"lang":"en","value":"A vulnerability, which was classified as critical, has been found in SevOne Network Management System up to 5.7.2.22. This issue affects the Device Manager Page. An injection leads to privilege escalation. The attack may be initiated remotely."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"LOW","baseScore":6.3,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-74","description":"CWE-74 Injection","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2022-06-03T19:10:41.000Z","orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB"},"references":[{"tags":["x_refsource_MISC"],"url":"http://seclists.org/fulldisclosure/2020/Oct/5"},{"tags":["x_refsource_MISC"],"url":"https://vuldb.com/?id.162263"}],"title":"SevOne Network Management System Device Manager Page injection","x_generator":"vuldb.com","x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cna@vuldb.com","ID":"CVE-2020-36531","REQUESTER":"cna@vuldb.com","STATE":"PUBLIC","TITLE":"SevOne Network Management System Device Manager Page injection"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Network Management System","version":{"version_data":[{"version_value":"5.7.2.0"},{"version_value":"5.7.2.1"},{"version_value":"5.7.2.2"},{"version_value":"5.7.2.3"},{"version_value":"5.7.2.4"},{"version_value":"5.7.2.5"},{"version_value":"5.7.2.6"},{"version_value":"5.7.2.7"},{"version_value":"5.7.2.8"},{"version_value":"5.7.2.9"},{"version_value":"5.7.2.10"},{"version_value":"5.7.2.11"},{"version_value":"5.7.2.12"},{"version_value":"5.7.2.13"},{"version_value":"5.7.2.14"},{"version_value":"5.7.2.15"},{"version_value":"5.7.2.16"},{"version_value":"5.7.2.17"},{"version_value":"5.7.2.18"},{"version_value":"5.7.2.19"},{"version_value":"5.7.2.20"},{"version_value":"5.7.2.21"},{"version_value":"5.7.2.22"}]}}]},"vendor_name":"SevOne"}]}},"credit":"Calvin Phang","data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A vulnerability, which was classified as critical, has been found in SevOne Network Management System up to 5.7.2.22. This issue affects the Device Manager Page. An injection leads to privilege escalation. The attack may be initiated remotely."}]},"generator":"vuldb.com","impact":{"cvss":{"baseScore":"6.3","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-74 Injection"}]}]},"references":{"reference_data":[{"name":"http://seclists.org/fulldisclosure/2020/Oct/5","refsource":"MISC","url":"http://seclists.org/fulldisclosure/2020/Oct/5"},{"name":"https://vuldb.com/?id.162263","refsource":"MISC","url":"https://vuldb.com/?id.162263"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T17:30:08.415Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"http://seclists.org/fulldisclosure/2020/Oct/5"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://vuldb.com/?id.162263"}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-04-14T17:14:30.191392Z","id":"CVE-2020-36531","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-04-15T14:36:06.194Z"}}]},"cveMetadata":{"assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","assignerShortName":"VulDB","cveId":"CVE-2020-36531","datePublished":"2022-06-03T19:10:41.000Z","dateReserved":"2022-06-03T00:00:00.000Z","dateUpdated":"2025-04-15T14:36:06.194Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}