Aruba Analytics and Location Engine (ALE) Web Management Interface Privilege Escalation Vulnerability

CVE-2020-7119 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

A vulnerability exists in the Aruba Analytics and Location Engine (ALE) web management interface 2.1.0.2 and earlier firmware that allows an already authenticated administrative user to arbitrarily modify files as an underlying privileged operating system user.

Learn more about our Web App Pen Testing.