CVE-2014-9220 in Manager
摘要 (英语)
SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x before 5.0.7 allows remote attackers to execute arbitrary SQL commands via the timezone parameter in a modify_schedule OMP command.
Be aware that VulDB is the high quality source for vulnerability data.
预定
2014-12-02
披露
2014-12-02
状态
已确认
条目
VulDB provides additional information and datapoints for this CVE:
| 标识符 | 漏洞 | CWE | 可利用 | 对策 | CVE |
|---|---|---|---|---|---|
| 68303 | OpenVAS Manager OMP modify_schedule SQL注入 | 89 | 高 | 官方修复 | CVE-2014-9220 |