CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-11847

SSH authenticated user when access the PAM server can execute an OS command to gain the full system access using bash. This issue affects Privileged Access Manager before 3.7.0.1.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.6%

CVSS Severity

CVSS v3 Score 8.2

References

https://www.netiq.com/documentation/privileged-account-manager-37/npam_3701_releasenotes/data/npam_3701_releasenotes.html

Products affected by CVE-2020-11847

Microfocus » Netiq Privileged Access Manager » Version: Any

cpe:2.3:a:microfocus:netiq_privileged_access_manager:*
Microfocus » Netiq Privileged Access Manager » Version: 3.7

cpe:2.3:a:microfocus:netiq_privileged_access_manager:3.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-11847

Products

Pricing

Contact Us