Описание
SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the password.
Ссылки
- Patch
- Patch
- Patch
- Patch
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cyrus:sasl:1.5.24:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:sasl:1.5.27:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.04097
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
больше 22 лет назад
SQL injection vulnerability in the LDAP and MySQL authentication patch ...
github
больше 3 лет назад
SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the password.
EPSS
Процентиль: 88%
0.04097
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other