Vulnerabilities > CVE-2020-11101 - Unspecified vulnerability in Sierrawireless Airlink Mobility Manager

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

sierrawireless

critical

NVD

Published: 2022-12-26

Updated: 2023-01-05

Summary

Sierra Wireless AirLink Mobility Manager (AMM) before 2.17 mishandles sessions and thus an unauthenticated attacker can obtain a login session with administrator privileges.

Vulnerable Configurations

Part	Description	Count
Application	Sierrawireless Sierrawireless Airlink Mobility Manager -	1

References

https://source.sierrawireless.com/-/media/support_downloads/security-bulletins/pdf/swi-psa-2020-007---amm-unauthenticated-login.ashx
https://www.sierrawireless.com/company/security/