Описание
eMPS 9.0.1.923211 on the Central Management of FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the job_id parameter to the email search feature. According to the vendor, the issue is fixed in 9.0.3.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:fireeye:email_malware_protection_system:9.0.1.923211:*:*:*:*:*:*:*
cpe:2.3:h:fireeye:ex_3500:-:*:*:*:*:*:*:*
EPSS
Процентиль: 42%
0.00204
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
больше 3 лет назад
eMPS 9.0.1.923211 on the Central Management of FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the job_id parameter to the email search feature. According to the vendor, the issue is fixed in 9.0.3.
EPSS
Процентиль: 42%
0.00204
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-89