Описание
SAP OrientDB, version 3.0, allows an authenticated attacker with script execute/write permissions to inject code that can be executed by the application and lead to Code Injection. An attacker could thereby control the behavior of the application.
Ссылки
- Permissions RequiredVendor Advisory
- Vendor Advisory
- Permissions RequiredVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:sap:orientdb:3.0:*:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.00356
Низкий
9.1 Critical
CVSS3
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
github
больше 3 лет назад
SAP OrientDB, version 3.0, allows an authenticated attacker with script execute/write permissions to inject code that can be executed by the application and lead to Code Injection. An attacker could thereby control the behavior of the application.
EPSS
Процентиль: 57%
0.00356
Низкий
9.1 Critical
CVSS3
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo