CVE-2023-2567 in Guardian and CMCالمعلومات

الملخص

بحسب MITRE • 19/09/2023

A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain parameters used in the Query functionality, allows an authenticated attacker to execute arbitrary SQL queries on the DBMS used by the web application. Authenticated users can extract arbitrary information from the DBMS in an uncontrolled way.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

حجز

08/05/2023

إفشاء

19/09/2023

الاعتدال

تمت الموافقة

إدخال

VDB-239935

EPSS

0.00504

KEV

لا

النشاطات

منخفض جدًا

المصادر

Want to stay up to date on a daily basis?

Enable the mail alert feature now!