CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10787

An elevation of privilege in Vesta Control Panel through 0.9.8-26 allows an attacker to gain root system access from the admin account via v-change-user-password (aka the user password change script).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.6%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.0

References

Products affected by CVE-2020-10787

Vestacp » Vesta Control Panel » Version: 0.9.7-0

cpe:2.3:a:vestacp:vesta_control_panel:0.9.7-0
Vestacp » Vesta Control Panel » Version: 0.9.7-13

cpe:2.3:a:vestacp:vesta_control_panel:0.9.7-13
Vestacp » Vesta Control Panel » Version: 0.9.7-14

cpe:2.3:a:vestacp:vesta_control_panel:0.9.7-14
Vestacp » Vesta Control Panel » Version: 0.9.7-15

cpe:2.3:a:vestacp:vesta_control_panel:0.9.7-15
Vestacp » Vesta Control Panel » Version: 0.9.7-16

cpe:2.3:a:vestacp:vesta_control_panel:0.9.7-16
Vestacp » Vesta Control Panel » Version: 0.9.7-17

cpe:2.3:a:vestacp:vesta_control_panel:0.9.7-17
Vestacp » Vesta Control Panel » Version: 0.9.7-18

cpe:2.3:a:vestacp:vesta_control_panel:0.9.7-18
Vestacp » Vesta Control Panel » Version: 0.9.7-19

cpe:2.3:a:vestacp:vesta_control_panel:0.9.7-19
Vestacp » Vesta Control Panel » Version: 0.9.7-20

cpe:2.3:a:vestacp:vesta_control_panel:0.9.7-20
Vestacp » Vesta Control Panel » Version: 0.9.7-21

cpe:2.3:a:vestacp:vesta_control_panel:0.9.7-21
Vestacp » Vesta Control Panel » Version: 0.9.7-22

cpe:2.3:a:vestacp:vesta_control_panel:0.9.7-22
Vestacp » Vesta Control Panel » Version: 0.9.8-1

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-1
Vestacp » Vesta Control Panel » Version: 0.9.8-10

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-10
Vestacp » Vesta Control Panel » Version: 0.9.8-11

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-11
Vestacp » Vesta Control Panel » Version: 0.9.8-12

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-12
Vestacp » Vesta Control Panel » Version: 0.9.8-13

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-13
Vestacp » Vesta Control Panel » Version: 0.9.8-14

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-14
Vestacp » Vesta Control Panel » Version: 0.9.8-15

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-15
Vestacp » Vesta Control Panel » Version: 0.9.8-16

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-16
Vestacp » Vesta Control Panel » Version: 0.9.8-17

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-17
Vestacp » Vesta Control Panel » Version: 0.9.8-18

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-18
Vestacp » Vesta Control Panel » Version: 0.9.8-19

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-19
Vestacp » Vesta Control Panel » Version: 0.9.8-2

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-2
Vestacp » Vesta Control Panel » Version: 0.9.8-20

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-20
Vestacp » Vesta Control Panel » Version: 0.9.8-21

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-21
Vestacp » Vesta Control Panel » Version: 0.9.8-22

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-22
Vestacp » Vesta Control Panel » Version: 0.9.8-23

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-23
Vestacp » Vesta Control Panel » Version: 0.9.8-24

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-24
Vestacp » Vesta Control Panel » Version: 0.9.8-26

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-26
Vestacp » Vesta Control Panel » Version: 0.9.8-3

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-3
Vestacp » Vesta Control Panel » Version: 0.9.8-4

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-4
Vestacp » Vesta Control Panel » Version: 0.9.8-5

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-5
Vestacp » Vesta Control Panel » Version: 0.9.8-6

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-6
Vestacp » Vesta Control Panel » Version: 0.9.8-7

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-7
Vestacp » Vesta Control Panel » Version: 0.9.8-8

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-8
Vestacp » Vesta Control Panel » Version: 0.9.8-9

cpe:2.3:a:vestacp:vesta_control_panel:0.9.8-9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10787

Products

Pricing

Contact Us