CVE-2014-4627

Опубликовано: 07 нояб. 2014

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

SQL injection vulnerability in EMC RSA Web Threat Detection 4.x before 4.6.1.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2014-11/0028.html
Broken Link
http://packetstormsecurity.com/files/128986/RSA-Web-Threat-Detection-SQL-Injection.html
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/70955
Broken Link
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031172
Broken Link
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/98523
Third Party Advisory
VDB Entry
http://archives.neohapsis.com/archives/bugtraq/2014-11/0028.html
Broken Link
http://packetstormsecurity.com/files/128986/RSA-Web-Threat-Detection-SQL-Injection.html
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/70955
Broken Link
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031172
Broken Link
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/98523
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:rsa:web_threat_detection:*:*:*:*:*:*:*:*

Версия от 4.0 (включая) до 4.6.1.1 (исключая)

EPSS

Процентиль: 79%

0.0131

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-3mhg-8478-5f87