[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97147

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2017-11508

Date: (C)2017-11-04   (M)2017-11-10 


SecurityCenter versions 5.5.0, 5.5.1 and 5.5.2 contain a SQL Injection vulnerability that could be exploited by an authenticated user with sufficient privileges to run diagnostic scans. An attacker could exploit this vulnerability by entering a crafted SQL query into the password field of a diagnostic scan within SecurityCenter. Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access.

CVSS Score: 6.5Access Vector:
Exploit Score: Access Complexity:
Impact Score: Authentication:
 Confidentiality:
 Integrity:
 Availability:





Reference:
https://www.tenable.com/security/tns-2017-13

© 2013 SecPod Technologies