Описание
The affected On-Premise is vulnerable to data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate and dump all data held in the cnMaestro database.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:cambiumnetworks:cnmaestro:2.4.2:*:*:*:on_premises:*:*:*
cpe:2.3:o:cambiumnetworks:cnmaestro:3.0.0:*:*:*:on_premises:*:*:*
cpe:2.3:o:cambiumnetworks:cnmaestro:3.0.3:*:*:*:on_premises:*:*:*
EPSS
Процентиль: 41%
0.00188
Низкий
5.9 Medium
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
The affected On-Premise is vulnerable to data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate and dump all data held in the cnMaestro database.
EPSS
Процентиль: 41%
0.00188
Низкий
5.9 Medium
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-89