National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Vulnerability Change Record for CVE-2020-10806

Change History

Initial Analysis - 3/25/2020 4:28:12 PM

Action Type Old Value New Value
Changed Reference Type
https://ezplatform.com/security-advisories/ezsa-2020-001-remote-code-execution-in-file-uploads No Types Assigned
https://ezplatform.com/security-advisories/ezsa-2020-001-remote-code-execution-in-file-uploads Vendor Advisory
Added CWE
NIST CWE-434
Added CVSS V2
NIST (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Added CVSS V3.1
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CPE Configuration
OR
     *cpe:2.3:a:ez:ez_publish-kernel:*:*:*:*:*:*:*:* versions up to (excluding) 5.4.14.1
     *cpe:2.3:a:ez:ez_publish-kernel:*:*:*:*:*:*:*:* versions from (including) 6.0.0 up to (excluding) 6.13.6.2
     *cpe:2.3:a:ez:ez_publish-kernel:*:*:*:*:*:*:*:* versions from (including) 7.0.0 up to (excluding) 7.5.6.2
     *cpe:2.3:a:ez:ez_publish-legacy:*:*:*:*:*:*:*:* versions up to (excluding) 5.4.14.1
     *cpe:2.3:a:ez:ez_publish-legacy:*:*:*:*:*:*:*:* versions from (including) 2017.0 up to (excluding) 2017.12.7.2
     *cpe:2.3:a:ez:ez_publish-legacy:*:*:*:*:*:*:*:* versions from (including) 2019.0 up to (excluding) 2019.03.4.2