exploitDog

GHSA-q325-2q6c-cgg6

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

SQL injection vulnerability in axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows remote attackers to execute arbitrary SQL commands via unspecified string fields in a notification packet.

SQL injection vulnerability in axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows remote attackers to execute arbitrary SQL commands via unspecified string fields in a notification packet.

Ссылки

EPSS

Процентиль: 97%

0.39749

Средний

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2008-2286

nvd

больше 17 лет назад

SQL injection vulnerability in axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows remote attackers to execute arbitrary SQL commands via unspecified string fields in a notification packet.

EPSS

Процентиль: 97%

0.39749

Средний

CVE ID

Дефекты

CWE-89