10

CVE-2020-24384

EPSS 5.64%
Veröffentlicht 10.11.2020 14:15:10
Zuletzt bearbeitet 21.11.2024 05:14:42
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

A10 Networks ACOS and aGalaxy management Graphical User Interfaces (GUIs) have an unauthenticated Remote Code Execution (RCE) vulnerability that could be used to compromise affected ACOS systems. ACOS versions 3.2.x (including and after 3.2.2), 4.x, and 5.1.x are affected. aGalaxy versions 3.0.x, 3.2.x, and 5.0.x are affected.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

A10networks ≫ Agalaxy Version >= 3.2.1 <= 3.2.4

A10networks ≫ Agalaxy Version >= 5.0.1 < 5.0.5

A10networks ≫ Agalaxy Version3.0.1

A10networks ≫ Agalaxy Version3.0.4 Updatep3

A10networks ≫ Agalaxy Version5.0.5 Update-

A10networks ≫ Advanced Core Operating System Version3.2.2 Update-

A10networks ≫ Advanced Core Operating System Version3.2.2 Updatep8

A10networks ≫ Advanced Core Operating System Version3.2.3 Update-

A10networks ≫ Advanced Core Operating System Version3.2.3 Updatep5

A10networks ≫ Advanced Core Operating System Version3.2.4 Update-

A10networks ≫ Advanced Core Operating System Version3.2.4 Updatep5

A10networks ≫ Advanced Core Operating System Version3.2.5 Update-

A10networks ≫ Advanced Core Operating System Version3.2.5 Updatep1

A10networks ≫ Advanced Core Operating System Version4.0.0 Update-

A10networks ≫ Advanced Core Operating System Version4.0.1 Updatep3

A10networks ≫ Advanced Core Operating System Version4.1.0 Update-

A10networks ≫ Advanced Core Operating System Version4.1.0 Updatep13

A10networks ≫ Advanced Core Operating System Version4.1.1 Update-

A10networks ≫ Advanced Core Operating System Version4.1.1 Updatep13 Editionsp1

A10networks ≫ Advanced Core Operating System Version4.1.2 Update-

A10networks ≫ Advanced Core Operating System Version4.1.2 Updatep5 Editionsp1

A10networks ≫ Advanced Core Operating System Version4.1.4 Update-

A10networks ≫ Advanced Core Operating System Version4.1.4 Updategr1-p4 Editionsp1

A10networks ≫ Advanced Core Operating System Version4.1.100 Update-

A10networks ≫ Advanced Core Operating System Version4.1.100 Updatep7

A10networks ≫ Advanced Core Operating System Version5.1.0 Update-

A10networks ≫ Advanced Core Operating System Version5.1.0 Updatep3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	5.64%	0.894

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

https://support.a10networks.com/support/security_advisory/acos-agalaxy-gui-rce-vulnerability-cve-2020-24384

Patch

Vendor Advisory

Mitigation

https://nvd.nist.gov/vuln/detail/CVE-2020-24384

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-24384

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-24384

EUVD