CVE-2020-5538 Vulnerability Details

  /     /     /  

CVE-2020-5538 Metadata Quick Info

CVE Published: 11/05/2020 | CVE Updated: 04/08/2024 | CVE Year: 2020
Source: jpcert | Vendor: JAL Information Technology Co., Ltd. | Product: PALLET CONTROL
Status : PUBLISHED

---

CVE-2020-5538 Description

Improper Access Control in PALLET CONTROL Ver. 6.3 and earlier allows authenticated attackers to execute arbitrary code with the SYSTEM privilege on the computer where PALLET CONTROL is installed via unspecified vectors. PalletControl 7 to 9.1 are not affected by this vulnerability, however under the environment where PLS Management Add-on Module is used, all versions are affected.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Improper Access Control
Source: JAL Information Technology Co., Ltd.

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).