CVE-2020-35935
Advanced Access Manager <= 6.6.1 - Authenticated Authorization Bypass and Privilege Escalation
Severity Score
8.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Advanced Access Manager plugin before 6.6.2 for WordPress allows privilege escalation on profile updates via the aam_user_roles POST parameter if Multiple Role support is enabled. (The mechanism for deciding whether a user was entitled to add a role did not work in various custom-role scenarios.)
El plugin Advanced Access Manager versiones anteriores a 6.6.2 para WordPress, permite una escalada de privilegios en las actualizaciones de perfil por medio del parámetro POST aam_user_roles si la compatibilidad con Roles Múltiples está habilitada. (El mecanismo para decidir si un usuario tenía derecho a agregar un rol no funcionó en varios escenarios de roles personalizados).
*Credits:
Ram
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-08-14 CVE Published
- 2021-01-01 CVE Reserved
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-305: Authentication Bypass by Primary Weakness
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.wordfence.com/blog/2020/08/high-severity-vulnerability-patched-in-advanced-access-manager | 2024-08-04 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Vasyltech Search vendor "Vasyltech" | Advanced Access Manager Search vendor "Vasyltech" for product "Advanced Access Manager" | < 6.6.2 Search vendor "Vasyltech" for product "Advanced Access Manager" and version " < 6.6.2" | wordpress |
Affected
| ||||||