CVE Vulnerabilities

CVE-2020-19417

Published: Mar 10, 2021 | Modified: Jul 12, 2022

CVSS 3.x

8.8

HIGH

Source:

NVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.x

9 HIGH

RedHat/V2

RedHat/V3

Ubuntu

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-19417
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Emerson Smart Wireless Gateway 1420 4.6.59 allows non-privileged users (such as the default account maint) to perform administrative tasks by sending specially crafted HTTP requests to the application.

Affected Software

Name	Vendor	Start Version	End Version
Wireless_1420_gateway_firmware	Emerson	4.6.59 (including)	4.6.59 (including)

References

http://packetstormsecurity.com/files/161700/Emerson-Smart-Wireless-Gateway-1420-4.6.59-Privilege-Escalation.html

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.