exploitDog

CVE-2010-4284

Опубликовано: 09 мая 2011

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Server (DMS) before 1.4.3 in Samsung Integrated Management System allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Ссылки

http://www.kb.cert.org/vuls/id/236668
Patch
US Government Resource
http://www.us-cert.gov/control_systems/pdf/ICSA-11-069-01.pdf
Patch
US Government Resource
http://www.kb.cert.org/vuls/id/236668
Patch
US Government Resource
http://www.us-cert.gov/control_systems/pdf/ICSA-11-069-01.pdf
Patch
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:samsung:data_management_server:*:*:*:*:*:*:*:*

Версия до 1.4.2 (включая)

cpe:2.3:a:samsung:data_management_server:1.3.3:*:*:*:*:*:*:*

cpe:2.3:a:samsung:data_management_server:1.4.1:*:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.02887

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-x2mv-9qmp-fx7x

github

больше 3 лет назад

SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Server (DMS) before 1.4.3 in Samsung Integrated Management System allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

EPSS

Процентиль: 86%

0.02887

Низкий

7.5 High

CVSS2

Дефекты

CWE-89