Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-3q27-5m93-xfm4

Опубликовано: 28 янв. 2025
Источник: github
Github: Не прошло ревью
CVSS3: 8.6

Описание

Avi Load Balancer contains an unauthenticated blind SQL Injection vulnerability which was privately reported to VMware. Patches are available to remediate this vulnerability in affected VMware products. 

A malicious user with network access may be able to use specially crafted SQL queries to gain database access.

Avi Load Balancer contains an unauthenticated blind SQL Injection vulnerability which was privately reported to VMware. Patches are available to remediate this vulnerability in affected VMware products. 

A malicious user with network access may be able to use specially crafted SQL queries to gain database access.

Ссылки

EPSS

Процентиль: 37%
0.0016
Низкий

8.6 High

CVSS3

CVE ID

CVE-2025-22217

Дефекты

CWE-89

Связанные уязвимости

nvd логотип

CVE-2025-22217

CVSS3: 8.6
nvd
около 1 года назад

Avi Load Balancer contains an unauthenticated blind SQL Injection vulnerability which was privately reported to VMware. Patches are available to remediate this vulnerability in affected VMware products.  A malicious user with network access may be able to use specially crafted SQL queries to gain database access.

fstec логотип

BDU:2025-00899

CVSS3: 8.6
fstec
около 1 года назад

Уязвимость программного обеспечения для управления трафиком в гибридных и мультиоблачных средах VMware Avi Load Balancer, связанная с непринятием мер по защите структуры запроса SQL, позволяющая нарушителю получить доступ к внутренней базе данных

EPSS

Процентиль: 37%
0.0016
Низкий

8.6 High

CVSS3

CVE ID

CVE-2025-22217

Дефекты

CWE-89