Fixed Intel

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Jun 10, 2022

CVE-2020-17463

High
EPSS 15.3%CISA KEV
Fuel CMS/Fuel CMS

Description

FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items.

EPSS — Exploit Probability

15.3%

Higher than 94.5% of all CVEs

Required Action

https://nvd.nist.gov/vuln/detail/CVE-2020-17463

Risk Assessment

ELEVATED
In CISA KEV

Details

Severity
High
EPSS
15.3%
CISA KEV
Yes
Ransomware
Unknown
Articles
0

Timeline

Published

Dec 10, 2021

Added to KEV

Dec 10, 2021

Remediation Due

Jun 10, 2022

Affected Product

Fuel CMS

Fuel CMS

View all Fuel CMS CVEs

External Links

NVD (NIST)CVE DetailsMITRE CVE