Aruba Analytics and Location Engine (ALE) Web Management Interface Privilege Escalation Vulnerability
CVE-2020-7119 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
A vulnerability exists in the Aruba Analytics and Location Engine (ALE) web management interface 2.1.0.2 and earlier firmware that allows an already authenticated administrative user to arbitrarily modify files as an underlying privileged operating system user.
Learn more about our Web App Pen Testing.