CVE-2015-5452 in XCS
Сводка (Английский)
SQL injection vulnerability in Watchguard XCS 9.2 and 10.0 before build 150522 allows remote attackers to execute arbitrary SQL commands via the sid cookie, as demonstrated by a request to borderpost/imp/compose.php3.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Резервировать
08.07.2015
Раскрытие
08.07.2015
Статус
Подтверждённый
Записи
VulDB provides additional information and datapoints for this CVE:
| ИД | Уязвимость | CWE | Экс | Кон | CVE |
|---|---|---|---|---|---|
| 76341 | WatchGuard XCS sid Cookie compose.php3 SQL-инъекция | 89 | Доказательство концепции | Официальное исправление | CVE-2015-5452 |