CVE-2010-1904

Опубликовано: 07 июн. 2010

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

SQL injection vulnerability in EMC RSA Key Manager (RKM) C Client 1.5.x allows user-assisted remote attackers to execute arbitrary SQL commands via the metadata section of encrypted key data.

Ссылки

http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0078.html
Exploit
http://seclists.org/bugtraq/2011/Jan/138
http://secunia.com/advisories/43057
http://www.securityfocus.com/archive/1/511654/100/0/threaded
http://www.securityfocus.com/bid/40553
http://www.securitytracker.com/id?1024059
http://www.securitytracker.com/id?1024989
http://www.vupen.com/english/advisories/2011/0206
https://exchange.xforce.ibmcloud.com/vulnerabilities/59133
http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0078.html
Exploit
http://seclists.org/bugtraq/2011/Jan/138
http://secunia.com/advisories/43057
http://www.securityfocus.com/archive/1/511654/100/0/threaded
http://www.securityfocus.com/bid/40553
http://www.securitytracker.com/id?1024059
http://www.securitytracker.com/id?1024989
http://www.vupen.com/english/advisories/2011/0206
https://exchange.xforce.ibmcloud.com/vulnerabilities/59133

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:emc:rsa_key_manager_client:1.5.0:*:*:*:*:*:*:*

EPSS

Процентиль: 79%

0.01234

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-hx43-xr5v-rrcq

github

больше 3 лет назад