CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-6971

In Emerson ValveLink v12.0.264 to v13.4.118, a vulnerability in the ValveLink software may allow a local, unprivileged, trusted insider to escalate privileges due to insecure configuration parameters.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 23.6%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 4.6

References

https://www.us-cert.gov/ics/advisories/icsa-20-063-01
https://www.us-cert.gov/ics/advisories/icsa-20-063-01

Products affected by CVE-2020-6971

Emerson » Valvelink » Version: 12.0.264

cpe:2.3:a:emerson:valvelink:12.0.264
Emerson » Valvelink » Version: 13.4.118

cpe:2.3:a:emerson:valvelink:13.4.118

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6971

Products

Pricing

Contact Us