exploitDog

CVE-2018-1280

Опубликовано: 11 мая 2018

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Pivotal Greenplum Command Center versions 2.x prior to 2.5.1 contains a blind SQL injection vulnerability. An unauthenticated user can perform a SQL injection in the command center which results in disclosure of database contents.

Ссылки

http://www.securityfocus.com/bid/104153
Third Party Advisory
VDB Entry
https://pivotal.io/security/cve-2018-1280
Vendor Advisory
http://www.securityfocus.com/bid/104153
Third Party Advisory
VDB Entry
https://pivotal.io/security/cve-2018-1280
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:pivotal_software:greenplum_command_center:*:*:*:*:*:*:*:*

Версия от 2.0.0 (включая) до 2.5.1 (исключая)

EPSS

Процентиль: 64%

0.00486

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-xw2x-258j-w7p8

CVSS3: 7.5

github

больше 3 лет назад

Pivotal Greenplum Command Center versions 2.x prior to 2.5.1 contains a blind SQL injection vulnerability. An unauthenticated user can perform a SQL injection in the command center which results in disclosure of database contents.

EPSS

Процентиль: 64%

0.00486

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-89