exploitDog

GHSA-6hvj-j96w-8755

Опубликовано: 19 июл. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

The Data Exchange Add-on component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged user with import permissions and network access to the EBX server to execute arbitrary SQL statements on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 4.5.17 and below, versions 5.6.2 and below, version 6.1.0.

The Data Exchange Add-on component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged user with import permissions and network access to the EBX server to execute arbitrary SQL statements on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 4.5.17 and below, versions 5.6.2 and below, version 6.1.0.

Ссылки

EPSS

Процентиль: 41%

0.00194

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2023-26217

CVSS3: 8.8

nvd

больше 2 лет назад

The Data Exchange Add-on component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged user with import permissions and network access to the EBX server to execute arbitrary SQL statements on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 4.5.17 and below, versions 5.6.2 and below, version 6.1.0.

BDU:2023-06371

CVSS3: 8.8

fstec

больше 2 лет назад

Уязвимость программного обеспечения управления активами данных TIBCO EBX, связанная с непринятием мер по защите структуры запроса SQL, позволяющая нарушителю выполнять произвольные SQL-запросы

EPSS

Процентиль: 41%

0.00194

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-89