Vulnerability CVE-2015-0161

Vulnerability CVE-2015-0161

Published: 2015-05-25

Description:

SQL injection vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:P/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
6.5/10	6.4/10	8/10

Exploit range	Attack complexity	Authentication
Remote	Low	Single time
Confidentiality impact	Integrity impact	Availability impact
Partial	Partial	Partial

Affected software
IBM -> Security siteprotector system

References:

http://www-01.ibm.com/support/docview.wss?uid=swg21699470

Copyright 2024, cxsecurity.com