Описание
A vulnerability in the listing of available software of SUSE Studio Onsite, SUSE Studio Onsite 1.1 Appliance allows authenticated users to execute arbitrary SQL statements via SQL injection. Affected releases are SUSE Studio Onsite: versions prior to 1.0.3-0.18.1, SUSE Studio Onsite 1.1 Appliance: versions prior to 1.1.2-0.25.1.
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.3-0.18.1 (исключая)Версия до 1.1.2-0.25.1 (исключая)
Одно из
cpe:2.3:a:suse:studio_onsite:*:*:*:*:*:*:*:*
cpe:2.3:a:suse:studio_onsite_appliance:*:*:*:*:*:*:*:*
EPSS
Процентиль: 51%
0.00281
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89
CWE-89
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
A vulnerability in the listing of available software of SUSE Studio Onsite, SUSE Studio Onsite 1.1 Appliance allows authenticated users to execute arbitrary SQL statements via SQL injection. Affected releases are SUSE Studio Onsite: versions prior to 1.0.3-0.18.1, SUSE Studio Onsite 1.1 Appliance: versions prior to 1.1.2-0.25.1.
EPSS
Процентиль: 51%
0.00281
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89
CWE-89