exploitDog

CVE-2016-4351

Опубликовано: 05 мая 2016

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in the authentication functionality in Trend Micro Email Encryption Gateway (TMEEG) 5.5 before build 1107 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Ссылки

http://www.zerodayinitiative.com/advisories/ZDI-16-248
Third Party Advisory
VDB Entry
https://esupport.trendmicro.com/solution/en-US/1114060.aspx
Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-16-248
Third Party Advisory
VDB Entry
https://esupport.trendmicro.com/solution/en-US/1114060.aspx
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:trendmicro:email_encryption_gateway:*:*:*:*:*:*:*:*

Версия до 5.5 (включая)

EPSS

Процентиль: 73%

0.00769

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-wwg6-5h73-f2q4

CVSS3: 9.8

github

больше 3 лет назад

SQL injection vulnerability in the authentication functionality in Trend Micro Email Encryption Gateway (TMEEG) 5.5 before build 1107 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

EPSS

Процентиль: 73%

0.00769

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-89