exploitDog

CVE-2020-12507

Опубликовано: 15 нояб. 2022

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

In s::can moni::tools before version 4.2 an authenticated attacker could get full access to the database through SQL injection. This may result in loss of confidentiality, loss of integrity and DoS.

Ссылки

https://www.s-can.at/en/the-new-monitool-v4-2-security-first/
Vendor Advisory
https://www.s-can.at/en/the-new-monitool-v4-2-security-first/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:badgermeter:moni\:\:tool:4.2:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00705

Низкий

8.8 High

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-h6x8-4mx9-224h

CVSS3: 8.8

github

около 3 лет назад

In s::can moni::tools before version 4.2 an authenticated attacker could get full access to the database through SQL injection. This may result in loss of confidentiality, loss of integrity and DoS.

EPSS

Процентиль: 72%

0.00705

Низкий

8.8 High

CVSS3

Дефекты

CWE-89