CVE-2020-7819 CRITICAL

CVE-2020-7819: nTracker USB Enterprise SQL-Injection vulnerability

Vendor Ntracksystem

Product nTracker USB Enterprise

Weakness CWE-200 · Info exposure

Published September 7, 2021

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

9.3/10

Attack vector Adjacent

Attack complexity Low

Privileges required None

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

What the vulnerability does

01Description

A SQL-Injection vulnerability in the nTracker USB Enterprise(secure USB management solution) allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information.

Key dates

02Disclosure timeline

September 7, 2021 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-7819 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/200.html

Related vulnerabilities

CVE-2020-7819: nTracker USB Enterprise SQL-Injection vulnerability

01Description

02Disclosure timeline

03References

04Related CVE