Описание
A vulnerability in DB Manager version 3.0.1.0 and previous and PerformA version 3.0.0.0 and previous allows an authorized user with access to a privileged account on a BD Kiestra system (Kiestra TLA, Kiestra WCA, and InoqulA+ specimen processor) to issue SQL commands, which may result in data corruption.
Ссылки
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.0.0.0 (включая)Версия до 1.1.0.2 (включая)
Одновременно
Одно из
cpe:2.3:a:bd:database_manager:3.0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:bd:performa:*:*:*:*:*:*:*:*
cpe:2.3:a:bd:reada:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:bd:inoqula\+:-:*:*:*:*:*:*:*
cpe:2.3:h:bd:kiestra_tla:-:*:*:*:*:*:*:*
cpe:2.3:h:bd:kiestra_wca:-:*:*:*:*:*:*:*
EPSS
Процентиль: 39%
0.00172
Низкий
5.6 Medium
CVSS3
3.8 Low
CVSS2
Дефекты
CWE-356
CWE-89
Связанные уязвимости
CVSS3: 5.6
github
больше 3 лет назад
A vulnerability in DB Manager version 3.0.1.0 and previous and PerformA version 3.0.0.0 and previous allows an authorized user with access to a privileged account on a BD Kiestra system (Kiestra TLA, Kiestra WCA, and InoqulA+ specimen processor) to issue SQL commands, which may result in data corruption.
EPSS
Процентиль: 39%
0.00172
Низкий
5.6 Medium
CVSS3
3.8 Low
CVSS2
Дефекты
CWE-356
CWE-89