Описание
A security vulnerability has been identified in HPE Telco Service Orchestrator software. The vulnerability could allow authenticated clients to to perform a SQL Injection attack when sending a service request, and potentially exfiltrate the database's vendor name to unauthorized authenticated clients.
EPSS
Процентиль: 4%
0.0002
Низкий
7.1 High
CVSS3
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 7.1
github
7 месяцев назад
A security vulnerability has been identified in HPE Telco Service Orchestrator software. The vulnerability could allow authenticated clients to to perform a SQL Injection attack when sending a service request, and potentially exfiltrate the database's vendor name to unauthorized authenticated clients.
EPSS
Процентиль: 4%
0.0002
Низкий
7.1 High
CVSS3
Дефекты
CWE-89