Описание
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute database commands via carefully constructed time based payloads.
Уязвимые конфигурации
EPSS
8.1 High
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
Связанные уязвимости
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute database commands via carefully constructed time based payloads.
Уязвимость программного средства защиты McAfee Advanced Threat Defense, связанная с непринятием мер по защите структуры запроса SQL, позволяющая нарушителю выполнить произвольные команды
EPSS
8.1 High
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2