CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-25564

In SapphireIMS 5.0, it is possible to create local administrator on any client with credentials of a non-privileged user by directly accessing RemoteMgmtTaskSave (Automation Tasks) feature.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 53.7%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

https://vuln.shellcoder.party/2020/09/19/cve-2020-25564-sapphireims-unprivileged-user-remote-command-execution-create-local-admin-on-clients/
https://vuln.shellcoder.party/tags/sapphireims/
https://vuln.shellcoder.party/2020/09/19/cve-2020-25564-sapphireims-unprivileged-user-remote-command-execution-create-local-admin-on-clients/
https://vuln.shellcoder.party/tags/sapphireims/

Products affected by CVE-2020-25564

Sapphireims » Sapphireims » Version: 5.0

cpe:2.3:a:sapphireims:sapphireims:5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-25564

Products

Pricing

Contact Us