Vulnerability Details CVE-2020-14945
A privilege escalation vulnerability exists within Global RADAR BSA Radar 1.6.7234.24750 and earlier that allows an authenticated, low-privileged user to escalate their privileges to administrator rights (i.e., the BankAdmin role) via modified SaveUser data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.152
EPSS Ranking 94.3%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
- https://github.com/wsummerhill/BSA-Radar_CVE-Vulnerabilities
- https://github.com/wsummerhill/BSA-Radar_CVE-Vulnerabilities/blob/master/CVE-2020-14945%20-%20Privilege%20Escalation.md
- https://www.exploit-db.com/exploits/48649
- https://github.com/wsummerhill/BSA-Radar_CVE-Vulnerabilities
- https://github.com/wsummerhill/BSA-Radar_CVE-Vulnerabilities/blob/master/CVE-2020-14945%20-%20Privilege%20Escalation.md
- https://www.exploit-db.com/exploits/48649
Products affected by CVE-2020-14945
-
cpe:2.3:a:globalradar:bsa_radar:-
-
cpe:2.3:a:globalradar:bsa_radar:1.6.7234.24750